- Newest
- Most votes
- Most comments
Password-based authentication cannot be directly enabled on an existing server with the service managed identity provider. The service managed provider only supports public key authentication.
To enable password authentication, you will need to migrate your server to use a custom identity provider instead of the service managed provider. This can be done by creating a new server and migrating your users and data over to it.
When using a custom identity provider, you have full control over the authentication methods supported. You can configure it to support both password and public key authentication.
To set up Lambda functions or API Gateway as a custom identity provider consider the following:
- You will need to provision a new server and migrate users, data and host keys over.
- Use the
aws transfer update-server
CLI command to update the host key on the new server if you want to reuse the same host key.
Hi Adheeb, we do not currently support exporting host key from an existing SFTP server today. However, this and native password-based authentication (your original question) are both feature requests for our service. I'd like to know more about your use case, use of AWS Transfer Family and need for these capabilities. Please reach out to yoonmsuh@amazon.com if you'd be interested in discussing further. Thanks!
Relevant content
- asked 2 years ago
- asked 2 years ago
- asked 3 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a month ago
thanks for the solution. is there any way we can get/export the host key from the existing SFTP server?