Get WinSCP - Scripted SSH & SFTP client for Windows

WinSCP is a popular file transfer client for Windows. It was originally developed by Martin Prikryl. It also provides limited remote command execution and scripting capabilities. There is no support for terminal emulation, but it can be used together with PuTTY.

Downloading WinSCP for Windows

The installation package and source code can be downloaded from winscp.net.

Other SSH clients can be found here.

WinSCP for Mac

WinSCP is not available for Mac OS. However, other free alternatives are available. For example, Cyberduck and FileZilla are fairly popular alternatives.

Main Features

The main features of WinSCP include:

• Graphical user interface

• Runs on Microsoft Windows

• Translations are available for several languages, including Chinese, Czech, French, German, Japanese, and Spanish

• SFTP, FTP, FTPS, and WebDAV protocol support

• Uploading, downloading, renaming, deleting, creating files and directories and managing their permissions.

• Scripting language for automating file transfer tasks

• Synchronizing directories bidirectionally

• Simple built-in text editor for editing scripts

• Ability to share the session profile files with PuTTY

• Supports keyboard-interactive authentication, public key authentication, and GSSAPI authentication. Windows single sign-on is supported.

• Both Windows Explorer and dual-pane modes for file transfer. THe Windows Explorer mode only shows a pane for the remote directory, whereas the dual-pane view shows both a local and a remote directory simultaneously.

• Ability to encrypt information about remote sites using a master password. However, this option is only available in interactive mode and cannot be used with scripting.

• Normal installer and .EXE ("portable executables") alternatives

• Configuration data can be stored in either Windows registry or in configuration files (.INI, for use with portable executables).

Installing

Usually, the software is installed from an installation package like any other software packages. This is how most people use it.

Upgrading can be done by installing the new version. Upgrading preserves configuration files.

The software can also be run directly from an executable file without installing it. This is called portable mode. It allows running the software from USB sticks, which can provide some extra security when using public computers. However, malware running on the computer could easily corrupt the software on the USB stick or steal encryption keys from the application's memory. Thus the extra security is largely illusory.

The portable executable can be upgraded by just replacing the executable with a newer one.

Uninstalling

To remove the application, go to Control Panel > Programs > Uninstall a program. In Windows 10, go to Settings > System > Apps & features.

WinSCP Scripting Summary

The software implements a simple scripting language that can be used to automate certain operations with a server. The scripting language relies on credentials stored in local files.

The scripting language implements the following commands. More detailed documentation can be found at https://winscp.net/eng/docs/scripting.

call - executes an arbitrary command on the server. Commands requiring input are not supported.

cd - changes remote working directory

checksum - calculates checksum of a remote file

chmod - changes permissions of remote files

close - closes a session

echo - prints a message to script output

exit - closes all sessions and terminates the program

get - downloads one or more files from a remote directory

help - provides help on commands

keepuptodate - updates a remote directory to reflect local changes

lcs - changes local directory

lls - lists files in a local directory

ln - creates a symbolic link on the remote host

lpwd - displays the current local directory

mkdir - creates a new directory on the remote host

mv - renames or moves a file on the remote host

open - opens a new connection to a server. For the SFTP protocol, password may be hard-coded in the command or public key authentication may be used. For interactive sessions, the user may type the password.

option - sets script options, such as echoing, confirmations, reconnect time limit for broken sessions, and whether to fail if wildcard matches no files.

put - uploads files to a remote directory

pwd - displays the current remote working directory

rmdir - removes a directory from the remote host

session - selects which session to use for the following commands

stat - gets attributes of a file from the remote host

synchronize - synchronizes a local directory with a remote directory, updating changed files in either direction

Scripting as .NET Assemblies

The software provides COM interfaces for any .NET programming language that supports COM. The interfaces are provided by the winscpnet.dll library. More complex automation can be implemented in any such language. PowerShell is one such language; C#, VB.NET, ASP.NET, Microsoft Azure Website, and SQL Server Integration Services (SSIS) are also supported.

WinSCP Command Line Mode

While the application does not have a full terminal emulator, it does support a command line mode for executing commands remotely. The command line mode does not support commands that require keyboard input.

It is possible to use the application in conjunction with PuTTY to have access to full terminal capability.

Cloud Service Support

Guides exist for using the application with several cloud services. See https://winscp.net/eng/docs/guides.

Strengths

• Session scripting

• Integration to .NET scripting tools

• Synchronizing directories

• Good documentation

Weaknesses

• No SSH key management support

• Hardcoded passwords - compliance violation

• Slow to copy many files

• Opening a large directory can hang the application for an extended period, particularly over long-distance networks

Comparison

• Some people clearly prefer WinSCP over FileZilla

• WinSCP has no terminal window. Users who need a terminal need a separate client (see downloads page).

Summary

WinSCP is good for managing a small number of servers and for implementing small-scale file transfer automation.

Inability to automate key management makes it very cumbersome in large enterprises and makes compliance audits very difficult.

WinSCP is open source and does not come with any support.

Security Alert

Many organizations have massive amounts of SSH keys that must be properly managed. If left unmanaged, they pose a major risk and compliance issue. See more

SSH tunneling, unless properly controlled, can allow backdoor access from the Internet into internal networks. See more

Sites sending ssh: (and maybe sftp:, scp:, webdav: etc) URLs could potentially trigger WinSCP to perform undesired and harmful actions.

How to Get an SSH Server

General information about SSH servers can be found here. For a Windows server, see Tectia SSH. For an IBM mainframe server, see here. For a Linux server, see OpenSSH. For 24x7 support, see here.

Screenshots

Commander window for downloading and uploading files

Explorer user interface

Command line console