File Transfer between a Windows Client and a Windows or Unix Server
Note: This page outlines secure methods for transferring files between a Windows client and a Windows or Unix server. If you are transferring files between other systems, please see the File Transfer page to find the secure method that's right for your needs.
| Recommended File Transfer Options | ||||||||
|---|---|---|---|---|---|---|---|---|
| SFTP/SCP | WebDAV | FTP over SSL (FTPS) |
Microsoft File Sharing (SMB/CIFS) |
|||||
| Win Client & Win/Unix Server |
X |
X |
(X) |
|||||
What is SFTP/SCP?
SFTP (Secure File Transfer Protocol) is a file transfer protocol similar to FTP but with additional security (both commands and data are encrypted). The SFTP client talks to the SSH daemon on the server. When you use SFTP, you can transfer files and also perform some simple file and directory commands such as listing files and changing directories.
SCP (Secure Copy Protocol) is a secure file transfer protocol. The SCP client talks to the SSH daemon on the server. It is used only for transferring files. To use SCP, you must know the exact directory tree of the destination location.
Server Setup
- Unix servers come with the SSH daemon installed and configured.
- By customer request on managed Windows servers, CIT will install Cygwin which provides an SSH daemon.
Client Setup on User Desktops
- FileZilla is the CIT-supported SFTP software for Windows. You can use it to transfer files and also to perform simple file and directory commands such as listing files and changing directories. For information on installing FileZilla and transferring files, see File Transfer Using FileZilla.
- PuTTY is the recommended SCP software for Windows. For information on installing PuTTY and transferring files, see File Transfer Using PuTTY.
Client Setup on a CIT Managed Server
- By customer request on managed servers, CIT will install Cygwin which provides an SCP client. Once Cygwin is installed, the Windows server can issue Unix commands. To transfer files, see File Transfer Using SFTP or SCP.
What is WebDAV?
WebDav (Web-based Distributed Authoring and Versioning) is a file transfer protocol that is used at Cornell in conjunction with CUWebAuth and Kerberos to provide additional security for single-sign on connections.
The WebDAV client sends an encrypted NetID and password to the kProxy server. The kProxy server logs into Kerberos and obtains credentials which are sent to the WebDav server. This protects NetID and password information while still allowing the ease of use provided by single sign-on.
For more information, see File Transfer Using WebDAV.
What is Microsoft File Sharing (SMB/CIFS)?
Microsoft File Sharing (using the underlying SMB/CIFS protocol) is a software application that allows Windows or Macintosh and Unix computers to interact with each other. It creates a connection from the Win/Mac client to the Unix server, allowing you to see directories on the server as if they were on the client computer.
Microsoft File Sharing (SMB/CIFS) is "depreciated" because the data is not encrypted over the network. For servers that store private data, Microsoft File Sharing (SMB/CIFS) is not allowed. The University policy concerning private data is being reviewed and finalized. Currently, the private data classification comprises Social Security, credit card, driver's license and bank account numbers, and patient treatment records. This classification may expand. If you are unsure which protocol to use instead, send e-mail to systems-support@cornell.edu. The Systems Support group will work with you to find a secure solution.
Server Setup
- By customer request on managed Unix servers, CIT will install SAMBA.
- For Windows servers, it may be necessary to ask CIT to turn the service on.
Client Setup and File Transfer
For step-by-step instructions for transferring files using Microsoft File Sharing, see File Transfer Using Microsoft File Sharing.