WinSCP Review and Download
WinSCP is a relatively popular Windows SFTP client originally developed by Martin Prikryl. It is primarily intended for file transfers, but offers also limited remote command execution and scripting capabilities. It includes no support for terminal emulation. WinSCP also supports the legacy FTP and WebDAV protocols.
Downloading WinSCP for Windows
The installation package and source code can be downloaded from winscp.net.
Other SSH clients, and clients for other platforms can be found here.
WinSCP for Mac
Main features of WinSCP include:
- A graphical user interface - it is a Windows application
- Translations into several languages, including Chinese, Czech, French, German, Japanese, and Spanish
- SFTP and SCP protocol support, including keepalives
- Uploading, downloading, renaming, deleting, creating files and directories and managing their permissions.
- Scripting language for automating certain file transfer tasks
- Synchronizing directories bidirectionally
- Simple built-in text editor for editing scripts
- Ability to share the session profile files with PuTTY
- Supports password (including keyboard-interactive), public key and GSSAPI (Kerberos) authentication
- Both Windows Explorer (remote window only) and dual-pane (remote and local views simultaneously, very much resembling Tectia SSH)
- Ability to encrypt information about remote sites using a master password (however, this option is only available in interactive mode and cannot be used with scripting)
- Normal installer and
portable executables) alternatives
- Configuration data can be stored in either Windows registry or in configuration files (
.INI, for use with portable executables)
Installing and Uninstalling
The application can either be installed on a machine, or run directly from an executable file (with configuration in a
.ini file). The portable mode can be used from USB sticks. Most users would use the normal installer.
Upgrading can be done by just installing the new version. Upgrading preserves configuration. Portable executable can be upgraded by just replacing the executable with a newer one.
To remove the application, go to
Control Panel > Programs > Uninstall a program. In Windows 10, go to
Settings > System > Apps & features.
WinSCP Scripting Summary
WinSCP implements a simple scripting language that can be used to automate certain operations with a server. The scripting language relies on credentials stored in local files. No functionality is provided for managing the credentials.
The scripting language implements the following commands. More detailed documentation can be found at https://winscp.net/eng/docs/scripting.
call - executes an arbitrary command on the server. Commands requiring input are not supported.
cd - changes remote working directory
checksum - calculates checksum of a remote file
chmod - changes permissions of remote files
close - closes a session
echo - prints a message to script output
exit - closes all sessions and terminates the program
get - downloads one or more files from a remote directory
help - provides help on commands
keepuptodate - updates a remote directory to reflect local changes
lcs - changes local directory
lls - lists files in a local directory
ln - creates a symbolic link on the remote host
lpwd - displays the current local directory
mkdir - creates a new directory on the remote host
mv - renames or moves a file on the remote host
open - opens a new connection to a server. For SSH File Transfer Protocol (SFTP), password may be hard-coded in the command or public key authentication may be used. For interactive sessions, user may type the password. FTP, FTPS, SCP, and WebDav protocols are also supported.
option - sets script options, such as echoing, confirmations, reconnect time limit for broken sessions, and whether to fail if wildcard matches no files.
put - uploads files to a remote directory
pwd - displays the current remote working directory
rmdir - removes a directory from the remote host
session - selects which session to use for the following commands
stat - gets attributes of a file from the remote host
synchronize - synchronizes a local directory with a remote directory, updating changed files in either direction
Scripting as .NET Assemblies
WinSCP provides COM interfaces for any .NET programming language that supports COM. The interfaces are provided by the
winscpnet.dll library. More complex automation can be implemented in any such language. PowerShell is one such language; C#, VB.NET, ASP.NET, Microsoft Azure Website, and SQL Server Integration Services (SSIS) are also supported.
WinSCP Command Line Mode
While the application does not have a full terminal emulator, it does support a command line mode for executing commands remotely. The command line mode does not support commands that require keyboard input.
It is possible to use the application in conjunction with PuTTY to have access to full terminal capability.
Cloud Service Support
Guides exist for using the application with several cloud services. See https://winscp.net/eng/docs/guides.
- Session scripting
- Integration to .NET scripting tools
- Synchronizing directories
- Good documentation
- No SSH key management support - major security risk
- Hardcoded passwords - compliance violation
- Slow to copy many files
- Opening a large directory can hang the application for an extended period, particularly over long-distance networks
- Some people clearly prefer WinSCP over FileZilla
- WinSCP has no terminal windows. Users who need a terminal need to get a terminal client (see downloads page)
WinSCP is good for managing a small number of servers in environments that don't use extensive automation or cloud services.
Inability to automate key management makes it very cumbersome in large enterprises and makes compliance audits very difficult.
WinSCP is open source and does not come with any support. For business-critical applications, commercial alternatives are recommended.
Many organizations have massive amounts of SSH keys that must be properly managed. If left unmanaged, they pose a major risk and compliance issue. See more
SSH tunneling, unless properly controlled, can allow backdoor access from the Internet into internal networks. See more
ssh: (and maybe
webdav: etc) URLs could potentially trigger WinSCP to perform undesired actions.
How to Get an SSH Server
General information about SSH servers can be found here. For a Windows server, see here. For an IBM mainframe server, see here. For OpenSSH, see here. For business-critical applications, see here. For 24x7 support on Linux/Unix, see here.