Documentation
9.9. Banning users¶
A deny-username authentication method can be used to block/deny authentication for a configured list of denied users.
You can use it for file transfer services, as well as for the Local Manager service.
Note
Add this authentication method as the first one in the list of active authentication methods to make sure the users are not authenticated earlier by other authentication methods.
9.9.1. name¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable short text used to identify this method.
9.9.2. description¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable text that describes the purpose of this authentication method.
9.9.3. type¶
- Default value
''
- Optional
No
- From version
2.10.0
- Values
application - Application accounts.
os - Accounts authenticated by the OS.
http - HTTP (unsecured).
ip-time-ban - Ban an IP address for a time interval.
deny-username - Deny authentication based on usernames.
anonymous - Anonymous account authentication.
ldap - Authenticate against an LDAP server.
local-file - Authenticate the accounts from a separate local file.
radius - Authenticate via an RADIUS server.
azure-ad - Azure Active Directory
- Description
This option specifies the type of the method. Each type has a set of specific configuration options
9.9.4. usernames¶
- Default value
''
- Optional
Yes
- Values
Comma-separated list of usernames.
- From version
3.0.0
- Description
Comma-separated list of usernames denied by this authentication method.
The check is done in case-insensitive mode, by comparing against the lower-case name.
Usernames should be defined in lower-case.