Enabling Password Based Authentication on Existing Transfer Family 'Service managed' SFTP Server


I have an existing AWS transfer family SFTP server that has been configured with the 'Service Managed' identity provider which has only public key authentication for its users. Can I please know how I can enable password-based authentication as well on the existing SFTP server without having to create a new server?


2 Answers

Password-based authentication cannot be directly enabled on an existing server with the service managed identity provider. The service managed provider only supports public key authentication.

To enable password authentication, you will need to migrate your server to use a custom identity provider instead of the service managed provider. This can be done by creating a new server and migrating your users and data over to it.

When using a custom identity provider, you have full control over the authentication methods supported. You can configure it to support both password and public key authentication.

To set up Lambda functions or API Gateway as a custom identity provider consider the following:

  • You will need to provision a new server and migrate users, data and host keys over.
  • Use the aws transfer update-server CLI command to update the host key on the new server if you want to reuse the same host key.
profile picture
answered 2 months ago
  • thanks for the solution. is there any way we can get/export the host key from the existing SFTP server?


Hi Adheeb, we do not currently support exporting host key from an existing SFTP server today. However, this and native password-based authentication (your original question) are both feature requests for our service. I'd like to know more about your use case, use of AWS Transfer Family and need for these capabilities. Please reach out to yoonmsuh@amazon.com if you'd be interested in discussing further. Thanks!

answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions