Configuration format is at your choice: JSON, TOML, YAML, HCL, envfile are supported.Performance analysis using built-in profiler.SFTP subsystem mode: you can use SFTPGo as OpenSSH's SFTP subsystem.Portable mode: a convenient way to share a single directory on demand.Easy migration from Linux system user accounts.Support for HAProxy PROXY protocol: you can proxy and/or load balance the SFTP/SCP/FTP service without losing the information about the client's address.You can configure the allowed protocols (SSH/HTTP/FTP/WebDAV) for each user. Two-Way TLS authentication, aka TLS with client certificate authentication, is supported for REST API/Web Admin, FTPS and WebDAV over HTTPS.SFTPGo can obtain and automatically renew TLS certificates for HTTPS, WebDAV and FTPS from Let's Encrypt or other ACME compliant certificate authorities, using the HTTP-01 or TLS-ALPN-01 challenge types. You can configure the FTP service to require TLS for both control and data connections. Per-user files/folders ownership mapping: you can map all the users to the system account that runs SFTPGo (all platforms are supported) or you can run SFTPGo as root user and map each user or group of users to a different system account (*NIX only).Automatic blocklist management using the built-in defender.Automatically terminating idle connections. Per-user and per-directory shell like patterns filters: files can be allowed, denied and optionally hidden based on shell like patterns.Per-user and global IP filters: login can be restricted to specific ranges of IP addresses or to a specific IP address.Per-protocol rate limiting is supported and can be optionally connected to the built-in defender to automatically block hosts that repeatedly exceed the configured limit.Data transfer bandwidth limits, with total limit or separate settings for uploads and downloads and overrides based on the client's IP address.Bandwidth throttling, with separate settings for upload and download and overrides based on the client's IP address.Quota support: accounts can have individual disk quota expressed as max total size and/or max number of files.Dynamic user modification before login via external programs/HTTP API.Web Client and Web Admin user interfaces support OpenID Connect authentication and so they can be integrated with identity providers such as Keycloak.Custom authentication via external programs/HTTP API.Roles allow to create limited administrators who can only create and manage users with their role.Simplified user administrations using groups.LDAP/Active Directory authentication using a plugin.Two-factor authentication based on time-based one time passwords (RFC 6238) which works with Authy, Google Authenticator, Microsoft Authenticator and other compatible apps. You can configure multi-step authentication requiring, for example, the user password after successful public key authentication. You can easily setup a customizable multi-factor authentication. Multiple public keys per-user are supported.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |