Does Transfer Family support Password and SSH key authentication together in one single login ?
Hello Team, I am working on a AWS Transfer Family Solution (SFTP) and need a confirmation that whether this service can support both password and ssh key based authentication at same time (i.e in one login attempt when user passes both using any sftp client like filezilla or winscp). I used lambda based identity provider and identified that when I pass both password and ssh key in Filezilla, password is never passed to lambda and so code logic have to assume it is ssh key based authentication. Can someone please provide any advise !!
- Newest
- Most votes
- Most comments
Hello Sumit@,
AWS Transfer service doesn't support both Password and SSH key based authentication for one login attempt. Users can authenticate either via SSH keys or Passwords but not both for the same login session. However, you could implement Multifactor authentication techniques when using Custom or Lambda IDP authentication type servers. An example implementation is mentioned in this blog post [1] where the User is authenticated against Okta with Password + MFA token.
References:
Let me know if you have further questions.
-- Sagar
Hi Sumit,
AWS Transfer Family now supports the ability to require multiple methods of authentication in a single login, including the ability to require BOTH password and public key. You can learn more about how to configure multiple methods of authentication using a customer identity provider in Step 3 of our Create an SFTP-enabled server documentation. Please let us know if you have any questions.
– AWS Transfer Family
Relevant content
- asked 2 years ago
- asked 2 years ago
AWS OFFICIALUpdated 3 years ago- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago