Troubleshooting Common Issues in Rebex Tiny SFTP Server

Rebex Tiny SFTP Server: Quick Setup Guide

What you need

• OS: Windows 10 or later (x86/x64).
• Download: Rebex Tiny SFTP Server zip from Rebex (or your licensed source).
• Prerequisites: .NET Framework 4.6.1+ or .NET runtime required by the downloaded package (follow Rebex documentation).

1. Download and unzip

1. Download the Rebex Tiny SFTP Server package.
2. Extract the ZIP to a folder where the server will run (e.g., C:\Rebex\TinySftpServer).

2. Configure the server

1. In the extracted folder locate the configuration file (usually named TinySftpServer.exe.config or a JSON file depending on the build).
2. Open the config file in a text editor.

Essential settings to set:

• Port: default SFTP port is 22 — change if you’ll use a non-privileged port (e.g., 2222).
• HostKey: point to the server private key file (or let the server generate one if supported).
• Users: define one or more users with:
  • username
  • password or public-key auth entry
  • root/home directory path (the filesystem location they can access)
  • optional permissions (read/write/list/delete)

Example (conceptual):

• user: sftpuser
• password: StrongP@ssw0rd!
• home: C:\SftpRoot\sftpuser

Save the config after edits.

3. Create user directories and set permissions

1. Create the home folder(s) specified for each user (e.g., C:\SftpRoot\sftpuser).
2. Set NTFS permissions so the account running the Tiny SFTP Server can read/write those folders. If using Windows user isolation, ensure user mapping is correct.

4. Generate or install host keys

• If the package doesn’t auto-generate an SSH host key, generate one (use ssh-keygen on another machine or a tool you trust) and place the private key file in the path referenced by the config.
• Ensure the server can read the private key file and keep it secure (restrict filesystem permissions).

5. Start the server

• Run TinySftpServer.exe (double-click or run from an elevated command prompt if binding to port 22).
• Optionally install as a Windows service if the package includes an installer or provide a service wrapper (e.g., NSSM) to run continuously.

6. Test the connection

1. From a client machine use an SFTP client (WinSCP, FileZilla, or sftp command-line):
   • Host: server IP or hostname
   • Port: configured port (22 or custom)
   • Username/password or private key (for public-key auth)
2. Verify you can list directories, upload, download, and remove files per the configured permissions.

Example command:

Code
Copy CodeCopied
sftp -P 2222 [email protected] 

7. Secure the server (recommended)

• Use strong passwords or prefer public-key authentication.
• Change the SFTP port from 22 if you want to reduce low-skill scans.
• Restrict user permissions and chroot/lock users to their home directories.
• Harden Windows: apply updates, enable firewall rules permitting only the SFTP port, and limit remote management.
• Monitor logs for suspicious activity.

8. Troubleshooting quick checklist

• Server not starting: check config syntax, host key path, and runtime prerequisites.
• Connection refused: verify firewall, port binding (privileged port needs admin), and that server process is running.
• Authentication failures: confirm username/password or public key is correctly configured and formatted.
• Permission denied on file ops: check NTFS permissions and that the server account has access.

9. Backup and maintenance

• Backup configuration and host key files to secure storage.
• Rotate host keys and user credentials periodically.
• Keep Rebex package and underlying runtime patched.

If you want, I can provide a sample config snippet for your specific version (specify whether the package uses XML/.config or JSON).