Documentation

9.5. External local file

A local-file authentication method allows defining accounts and groups in a separate configuration file.

9.5.1. Introduction

The file uses the same format and configuration options as the main configuration file. Only accounts and groups configurations are read from this file. Any other configurations present in the file are ignored.

The accounts and groups defined for this authentication method are independent to the main SFTPPlus application. The accounts defined in the external file can only be configured with groups defined in the same external file. They can't be configured with groups from the main configuration file.

Only application accounts can be defined to be used by this authentication method.

Note

This authentication method can't be used with the Local Manager services.

The external file is automatically reloaded every 5 minutes. This means that it can take up to 5 minutes for the changes to be visible.

9.5.2. name

Default value

''

Optional

Yes

From version

2.10.0

Values
  • Any text.

Description

Human-readable short text used to identify this method.

9.5.3. description

Default value

''

Optional

Yes

From version

2.10.0

Values
  • Any text.

Description

Human-readable text that describes the purpose of this authentication method.

9.5.4. type

Default value

''

Optional

No

From version

2.10.0

Values
  • application - Application accounts.

  • os - Accounts authenticated by the OS.

  • http - HTTP (unsecured).

  • ip-time-ban - Ban an IP address for a time interval.

  • deny-username - Deny authentication based on usernames.

  • anonymous - Anonymous account authentication.

  • ldap - Authenticate against an LDAP server.

  • local-file - Authenticate the accounts from a separate local file.

Description

This option specifies the type of the method. Each type has a set of specific configuration options

9.5.5. path

Default value

''

Optional

No

Values
  • Path on the local filesystem

From version

3.33.0

Description

Absolute path to a file, local to the server, in which the accounts and groups configurations are stored for this authentication method.

9.5.6. external_management

Default value

'yes'

Optional

yes

Values
  • yes

  • no

From version

3.37.0

Description

Set to yes when you want the file used to store the identities for this authentication to be managed by an external process. For example using a configuration management system. When set to yes it will automatically reload the changes every 5 minute.

Set to no when you want to use the Local Manager to manage the identities for this authentication. When set to no, changes done to the file outside of the Local Manager are ignored.