How to: SFTP authentication via one-time passwords (OTP)

Syncplify.me Server! version: 5.0.0+

Occasionally our customers¬†ask if it’s possible to implement some form of one-time password (OTP) authentication for their SFTP users. Considering the complexity of the SSH authentication scheme, such task is definitely not trivial. To ease the process, Syncplify.me Server! V5 adds two new event-handlers and several functions to the scripting framework. This article explains how to use them to accomplish OTP authentication over SFTP. Continue reading

Authenticating users via PKI

We have already talked about the SSH Server Key, which is used to verify the server’s identity and to negotiate the security (hmac/encryption) parameters. In this article, instead, we want to explain how to use PKI to authenticate users in Syncplify.me Server!

First of all it is important to understand that – unlike the Server Key – these user-specific key pairs are not used for encryption, but only and exclusively to authenticate users, thus to verify their identity and decide whether to let them log into the server or not.

Authenticating users via PKI certainly grants a much higher degree of security that simply using a password, and is therefore a highly recommended authentication method. Continue reading