# Additional SFTP Settings

# Disable All SFTP Password Authentication

SFTP password authentication can be globally disabled by setting the sftp_disable_passwords configuration in the application configuration file.

# Signed Certificate Authentication

FileMage Gateway supports using signed short-lived certificate for user authentication on the SFTP listener. To enable it, upload your certificate authority public key to the server and set the sftp_trusted_user_ca_keys configuration in the application configuration file to the path of the uploaded file.

During authentication, if a certificate is presented, the application will validate that the certificate is valid and signed by one of the configured trusted CAs and that the principal matches the user being authenticated. The source-address extension will also be verified.