WinSCP Technical Requirements
Server Requirements
Using WinSCP, you can connect to a SSH (Secure Shell) server with SFTP (SSH File Transfer Protocol) or SCP (Secure Copy Protocol) service.
SFTP is a standard part of SSH-2 package. SCP is a standard part of SSH-1 package. You can also run both protocols on the latter SSH version. WinSCP supports both SSH-1 and SSH-2. For authentication, the user can use user name and password or public key (RSA or DSA). Other supported means of authorization include TIS, Cryptocard, Keyboard-interactive, and Kerberos.
SFTP Requirements
For SFTP, the only requirement beyond the server requirements
above is to run SFTP on the server. It is best to run it as
a SSH-2 subsystem. If you select
SFTP-only on the login screen and the
SFTP subsystem is not found, WinSCP will try to find the
SFTP server in some common directories
(/usr/lib/sftp-server
, /usr/local/lib/sftp-server
, etc.). This way, it is possible
to use SFTP even with
SSH-1, which does not support subsystems.
SCP Requirements
To transfer files, scp1
is used (it is called from within scp
). If only scp2
is allowed on your server, check the Use scp2 with scp1 compatibility
option on the SCP/Shell tab in the Login dialog.
For correct functionality, you must do the following. The bash
shell is recommended
for working with WinSCP. If your default shell doesn't work with WinSCP, you can make WinSCP use
other shell.
For its operation, WinSCP needs several commands: cd
, chgrp
,
chmod
, chown
, echo
, groups
, ls
,
mkdir
, mv
, pwd
, scp
, rm
, ln
,
unalias
and unset
. These commands have to be placed in the path and user must have
sufficient permissions to execute them. WinSCP expects "standard" behavior of these commands. You can avoid
needing these commands by not using some of WinSCP functions (mkdir
, chown
,
ln
, etc.) or by changing some configuration options (groups
,
unalias
and unset
).
Just after establishing the connection with server, all aliases on the above commands are cleared. This helps avoid unexpected behavior.
Another precondition is that the output of all commands is in English. This mostly concerns names of months
in directory listings (ls -la
). Because of this, WinSCP clears
all user variables that govern command output after login. If command output also reflects some other
server settings, it may be necessary to change this before WinSCP can be used.
The last necessary condition is the proper output of ls -la
command.
Particularly standard number and ordering of the columns.
If the default output does not satisfy WinSCP need, you can use
Listing command option
on the SCP/Shell tab in the Login dialog to modify it.
WinSCP will attempt detect support for --full-time
switch of the ls
command.
If the detection causes you problems, you can disable it.
Using WinSCP with Restricted Shell Environments
A number of restricted shell environments exist for supporting SFTP/SCP only accounts. These systems restrict the user to a small subset of commands needed to manipulate files while denying the ability to execute arbitrary commands. Some of these environments create incompatibilities with WinSCP, particularly if using SCP instead of SFTP.
Effect of Remote User Environment on WinSCP Sessions
Most shells nowadays offer options to make the user experience better. Unfortunately many of these options make the shell incompatible with WinSCP.
This mainly affects the SCP protocol. An example is colorized
output with the ls
command that outputs ANSI color sequences to the command output which WinSCP is
unable to parse.
Also, the SFTP protocol can be affected. A typical example is where some message is printed from a start-up script. WinSCP (and any other SFTP client) will attempt to parse the message as an SFTP packet, which will obviously fail.
You should configure your start-up scripts to conform to non-interactive sessions (like WinSCP). Some shells
call different profile/start-up scripts for interactive and non-interactive sessions. You can also use some
environment variables, such as TERM
to distinguish interactive and non-interactive sessions.