The System
I am using Windows 7 host with Cygwin and a virtual machine running Linux. The actual running guest is an Arch Linux ISO.
The Objective
I want to share files between the Cygwin host and the Arch guest.
Possible Solution
A good solution seems the SFTP protocol, using the Cygwin host as the server, because SSH is available out of the box in Arch and it is easy to configure an SSHD deamon in Cygwin.
I want to reduce the external attack surface and ideally only the virtual Linux guest should be able to remotely log.
Constraints/Challenges
The Windows Cygwin SSHD daemon runs on the local account that I normal use for my projects, it would be impractical to use a very long and strong password (since this is the password re-enter every time I leave my desk).
It would be nice to use a different password for SSH, but I think that in this case I should create a different account with a different user home directory, which would make difficult to share files.The guest IP is dynamically assigned by the virtual machine application software. Therefore it is difficult restrict the remote IPs logging to SSH.
I need to check often my project against new Arch Linux versions, so I start from a clean ISO and I install my project files via the SFTP share. Therefore I can't easily put a private key on the client, as files get to the guest system when the connection is already established.
Solution Security
My current ideas consist in combining an alphanumeric password with a restriction of the remote connections to the private address space, via host access control files:
# /etc/hosts.allow
sshd: 192.168.0.0/255.255.255.0
# /etc/hosts.deny
sshd: ALL
This is still not satisfactory, since a hacker in a public Wi-Fi network might brute force the password.
If there are safer or more efficient ways to share files between host and guest machine, please fill an answer.
Update
I am currently using VMware Player, but I make my tests with Virtual Box too.
Shared folders
Someone suggested the use of shared folders. As noted sub 3, I need often to test my projects against the current ISO.
VMware Shared folders do not have an official Arch package. VirtualBox Shared folders do have an official Arch package, but I saw it is often required to reboot to make changes effective, which is useless in the ISO static environment.