Documentation
9.5. External local file¶
A local-file authentication method allows defining accounts and groups in a separate configuration file.
9.5.1. Introduction¶
The file uses the same format and configuration options as the main configuration file. Only accounts and groups configurations are read from this file. Any other configurations present in the file are ignored.
The accounts and groups defined for this authentication method are independent to the main SFTPPlus application. The accounts defined in the external file can only be configured with groups defined in the same external file. They can't be configured with groups from the main configuration file.
Only application accounts can be defined to be used by this authentication method.
Note
This authentication method can't be used with the Local Manager services.
The external file is automatically reloaded every 5 minutes. This means that it can take up to 5 minutes for the changes to be visible.
9.5.2. name¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable short text used to identify this method.
9.5.3. description¶
- Default value
''
- Optional
Yes
- From version
2.10.0
- Values
Any text.
- Description
Human-readable text that describes the purpose of this authentication method.
9.5.4. type¶
- Default value
''
- Optional
No
- From version
2.10.0
- Values
application - Application accounts.
os - Accounts authenticated by the OS.
http - HTTP (unsecured).
ip-time-ban - Ban an IP address for a time interval.
deny-username - Deny authentication based on usernames.
anonymous - Anonymous account authentication.
ldap - Authenticate against an LDAP server.
local-file - Authenticate the accounts from a separate local file.
radius - Authenticate via an RADIUS server.
azure-ad - Azure Active Directory
- Description
This option specifies the type of the method. Each type has a set of specific configuration options
9.5.5. path¶
- Default value
''
- Optional
No
- Values
Path on the local filesystem
- From version
3.33.0
- Description
Absolute path to a file, local to the server, in which the accounts and groups configurations are stored for this authentication method.
9.5.6. external_management¶
- Default value
'yes'
- Optional
yes
- Values
yes
no
- From version
3.37.0
- Description
Set to yes when you want the file used to store the identities for this authentication to be managed by an external process. For example using a configuration management system. When set to yes it will automatically reload the changes every 5 minute.
Set to no when you want to use the Local Manager to manage the identities for this authentication. When set to no, changes done to the file outside of the Local Manager are ignored.