Documentation
9.2. SFTPPlus embedded users¶
An application authentication method can be used to authenticate users based on accounts defined in the configuration file of SFTPPlus.
It will authenticate accounts of type application.
9.2.1. name¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable short text used to identify this method.
9.2.2. description¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable text that describes the purpose of this authentication method.
9.2.3. type¶
- Default value
''
- Optional
No
- From version
2.10.0
- Values
application - Application accounts.
os - Accounts authenticated by the OS.
http - HTTP (unsecured).
ip-time-ban - Ban an IP address for a time interval.
deny-username - Deny authentication based on usernames.
anonymous - Anonymous account authentication.
ldap - Authenticate against an LDAP server.
local-file - Authenticate the accounts from a separate local file.
radius - Authenticate via an RADIUS server.
azure-ad - Azure Active Directory
- Description
This option specifies the type of the method. Each type has a set of specific configuration options
9.2.4. allowed_groups¶
- Default value
Empty
- Optional
Yes
- Values
Empty
Group UUID
Comma-separated list of group UUIDs.
- From version
4.0.0
- Description
Defines a group or a list of groups with users that are allowed by this authentication method.
When this is empty, any account is accepted as long as it has valid credentials.
For an account that is a member of multiple groups, the authentication succeeds when at least one of those groups is found in the allowed_groups list.
Note
This option applies to group UUID values, not group names. This makes it possible to rename a group without having to update this configuration option.