What are secure FTP and Telnet?

Secure File Transfer Protocol (SFTP) is a secure method for transferring files from one computer to another on networks such as the Internet. This is to replace the insecure File Transfer Protocol (FTP) where data will be transmitted in clear text and hence could be intercepted by eavesdroppers. With SFTP, both the login password and data are encrypted to provide a secure channel for data transfer.

Secure SHell (SSH) is a network protocol that provides a secure method for accessing a remote computer from another one on networks. SSH was designed as a replacement for telnet and other insecure remote shell. Again, encryption is enforced to ensure a secure connection.

Secure FTP and Telnet Services at EdUHK

SFTP and SSH services are now available in a number of central network servers at EdUHK, with details shown in the following table:

Server Hostname Description Support SFTP Support SSH
sun.eduhk.hk Unix server for
- Internet webpages
- Intranet webpages
- Staff personal webpages
Yes Yes
moon.eduhk.hk Unix server for students' personal webpages Yes Yes
msftp.eduhk.hk Microsoft-based network drives (N & S Drive) for file storage Yes -

Note: To enhance computer and network security for file transfer or remote access to central servers (e.g sun), the FTP and telnet access to these servers will be discontinued starting from 1 December 2010. After that, only SFTP and SSH access are allowed.

Recommended Software Tools

OCIO recommends the following software for users to access our secure services.

Secure FTP (SFTP)

For Microsoft Windows: (Network PC in EdUHK)

WinSCP is an open source SFTP client. Its main function is secure transferring of files between a local and a remote computer. All the network PC in EdUHK could access WinSCP through "Network Teaching Software".

How to use:

  1. You can invoke WinSCP (SFTP) via the "Network Teaching Software".
  2. When you open it, from the left panel, choose "Session" -> "Stored sessions".
  3. Then choose one of the servers from the preset list (e.g. N, S Drive). Then click "Login".
    WinSCP (SFTP) login screen

  4. Follow the instructions on screen to enter your username and password.
  5. If login is successful, you can transfer files between your PC and server by drag n drop.
     transfer files screen

  6. If you want to disconnect the connection, from the tool bar, click "Session" -> "Disconnect"

Note: If you want to create a new server list in the main windows, click the "New" button on the right hand side of the main windows. Enter the host name and select a "File Protocol". Then click the "Save" button, and you will be prompted to give a Session Name.

For Microsoft Windows: (Non-EdUHK PC)

For users' own PC/notebooks, they could download WinSCP from http://winscp.net for installation. To setup WinSCP to access our network servers, you need to configure it with the right host name (e.g. msftp.eduhk.hk, sun.eduhk.hk or moon.eduhk.hk) and also the right protocol (i.e. SFTP). The following is a screen dump for the configuration.

If you are accessing outside campus network. You need to connect via VPN beforehand.

configuration screen

For Macintosh Computer:

For Macintosh, you could use Cyberduck or any other SFTP client software you prefer.

Secure SHell (SSH)

For Microsoft Windows and Macintosh:

PuTTY is a free and open source terminal emulator application which can act as a SSH client software.

If you have installed WinSCP on your computer, you can invoke PuTTY via WinSCP's menu (From the menu bar, click "Commands" -> "Open in PuTTY"). So you don't need to install it separately.

PuTTY via WinSCP's menu