Proper setup of user permissions for OpenSSH on Windows?

Solution 1:

How bad do you want SFTP? Cygwin is somewhat hacky, and OpenSSH for Windows is way, way outdated. My approach has been to use WebDAV which solves most of the problems you have:

  • Read and write files
  • Encrypted protects authentication tokens and files
  • supported on damn near every OS
  • overzealous firewall configuration resistant

IIS supports it, even on the version that comes with server 2000.

Solution 2:

After further research I have found that my original suggestion below to use the built-in chroot functionality is not supported under cygwin.

You might be better off looking at other alternatives. Perhaps webdav, perhaps a ftps server (filezilla), or maybe one of the other proprietary sftp servers.

A option that is available if you must do this with the cygwin OpenSSH would be to use the scponly shell. Here is an pdf describing the procedure.


Not sure which version of openssh you have on windows. But it sounds like you want to setup a sftp chroot.

You might want to check out these related questions.

  • Securing file system for secure SFTP server
  • SFTP to chroot and SSH to manage system in one config?
  • How to secure SFTP wihtout re-compiling OpenSSH?