WinSCP: The server rejected SFTP connection, but it listens for FTP [closed]

Asked 23/4, 2014 at 10:52 Answered 23/4, 2014 at 12:44

I am using the WinSCP in order to download files using FTP protocol.

I got this error in the XML log. Any idea?

Network error: Connection to "example.com" refused. The server rejected SFTP connection, but it listens for FTP connections.

Did you want to use FTP protocol instead of SFTP? Prefer using encryption.

Thalamus answered 23/4, 2014 at 10:52 Comment(0)

WinSCP uses SFTP protocol by default, contrary to most other file transfer clients, which use FTP protocol.

For this reason, when you try to connect using the default SFTP protocol to a server that does not have an SSH/SFTP service (does not have a port 22 open), but it has an FTP service (a port 21 open), it suggests you that you might have actually wanted to use the FTP.

You need to select the FTP protocol explicitly on Login dialog:
https://winscp.net/eng/docs/ui_login

For more details:
https://winscp.net/eng/docs/message_server_rejected_sftp_listens_for_ftp

Retorsion answered 23/4, 2014 at 12:44 Comment(4)

I changed it to FTP, then I got error: No connection could be made because the target machine actively refused it. Connection failed. – Upstanding 25/1, 2016 at 10:54

This is Q&A site, not a discussion forum. If you have a question, post it. Though Super User would be better place. – Retorsion 25/1, 2016 at 11:54

i have the same situation on Linux vm player machine - sshd is running, port 22 is open (systemctl status sshd), took ip from ifconfig.... BUT still see "The server rejected SFTP connection, but it listens for FTP connections." – Collazo 3/3, 2017 at 23:19

@SashaBond So you downvoted my answer and yet you ask for help? – Retorsion 4/3, 2017 at 6:36

Even if all these protocols have similar names they are different:

FTP - file transfer protocol RFC959
SFTP - "secure file transfer", which is file transfer over a SSH connection
SCP - "secure copy", also file transfer over SSH
FTPS - "FTP secure", an extension of the original FTP with use of SSL (not SSH) connections

So SFTP and SCP need an SSH server at the peer, while FTP/FTPS need an FTP(s) server.

WinSCP can probably all of these, but it can only do FTPS if the FTP server has the SSL extension enabled. So if you want to do FTPS (and not SFTP) please check your servers configuration.

Rf answered 23/4, 2014 at 11:14 Comment(1)

Great answer. Also note, as mentioned above, FTP typically runs on port 21 (and sometimes port 20 for data connections), SFTP & SCP typically on 22, and FTP/S typically on port 990 for Implicit SSL and port 21 for AUTH/Explicit SSL. the Implicit/Explicit difference being that on port 990 it is Implied that the connection is secure and the handshake happens immediately. With Explicit SSL, connections are on the standard FTP port and the handshake happens as a result of an AUTH SSL or AUTH TLS statment from the client. – Spirited 23/4, 2014 at 20:3

Recommended topics

Hot tags