Table of ContentsView in Frames

SFTP authentication styles

When users connect using SFTP and authenticate, you can use three different authentication styles: mixed, NTLM, or UNIX. This determines the authentication style used and acceptable user name format.

In mixed mode, the authentication style used is selected by the format of the user name. User names with "\" are authenticated using NTLM and those without are authenticated using UNIX. Setting the authentication style explicitly to NTLM or UNIX forces the respective authentication type to be used regardless of the format of the user name.

To authenticate using NTLM with a domain user account, you must specify the user name in the format domain\user_name.

To authenticate using NTLM with a local user account, you must specify the user name in the format storagesystem_hostname\user_name.

By default, clients use user authentication methods in the following order: public-key, keyboard-interactive, and password authentication (if available). Public-key and certificate authentication are combined into the public-key authentication method. Data ONTAP allows public-key and password authentication by default.