Documentation
10.9. Banning users¶
A deny-username authentication method can be used to block/deny authentication for a configured list of denied users.
You can use it for file transfer services, as well as for the Web Manager service.
Note
Add this authentication method as the first one in the list of active authentication methods to make sure the users are not authenticated earlier by other authentication methods.
10.9.1. name¶
- Default value:
''
- Optional:
Yes
- From version:
2.10.0
- Values:
Any text.
- Description:
Human-readable short text used to identify this method.
10.9.2. description¶
- Default value:
''
- Optional:
Yes
- From version:
2.10.0
- Values:
Any text.
- Description:
Human-readable text that describes the purpose of this authentication method.
10.9.3. type¶
- Default value:
''
- Optional:
No
- From version:
2.10.0
- Values:
application - Application accounts.
os - Accounts authenticated by the OS.
http - HTTP (unsecured).
ip-time-ban - Ban an IP address for a time interval.
deny-username - Deny authentication based on usernames.
anonymous - Anonymous account authentication.
ldap - Authenticate against an LDAP server.
local-file - Authenticate the accounts from a separate local file.
radius - Authenticate via an RADIUS server.
entra-id - Microsoft Entra ID
- Description:
This option specifies the type of the method. Each type has a set of specific configuration options
10.9.4. usernames¶
- Default value:
''
- Optional:
Yes
- Values:
Comma-separated list of usernames.
- From version:
3.0.0
- Description:
Comma-separated list of usernames denied by this authentication method.
The check is done in a case-insensitive way.
Usernames should be defined in lower-case.