Enabling Password Based Authentication on Existing Transfer Family 'Service managed' SFTP Server

0

I have an existing AWS transfer family SFTP server that has been configured with the 'Service Managed' identity provider which has only public key authentication for its users. Can I please know how I can enable password-based authentication as well on the existing SFTP server without having to create a new server?

Thanks.

2 個答案
1

Password-based authentication cannot be directly enabled on an existing server with the service managed identity provider. The service managed provider only supports public key authentication.

To enable password authentication, you will need to migrate your server to use a custom identity provider instead of the service managed provider. This can be done by creating a new server and migrating your users and data over to it.

When using a custom identity provider, you have full control over the authentication methods supported. You can configure it to support both password and public key authentication.

To set up Lambda functions or API Gateway as a custom identity provider consider the following:

  • You will need to provision a new server and migrate users, data and host keys over.
  • Use the aws transfer update-server CLI command to update the host key on the new server if you want to reuse the same host key.
profile picture
專家
已回答 1 個月前
  • thanks for the solution. is there any way we can get/export the host key from the existing SFTP server?

1

Hi Adheeb, we do not currently support exporting host key from an existing SFTP server today. However, this and native password-based authentication (your original question) are both feature requests for our service. I'd like to know more about your use case, use of AWS Transfer Family and need for these capabilities. Please reach out to yoonmsuh@amazon.com if you'd be interested in discussing further. Thanks!

AWS
專家
已回答 1 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南