Skip to main content

Allow different authentication per listener



  • Dana Anderson
    Product Support

    Hi, John. 

    Thanks for the feature request, our product team will take a look at this. In the meantime some other options that you may want to consider. 

    There are a few ways to use AD authentication for your company users without exposing those credentials to the internet.

    One way is to use a proxy server. A proxy server is a server that sits between your users and the internet. It can be used to filter traffic, cache content, and provide other security features.

    Another way to use AD authentication for your company users without exposing those credentials to the internet FTP server is to use a VPN. This allows your users to access resources on your network, such as your  FTP server, without exposing their credentials to the internet.

    Finally, one thing I'm starting to see is using a single sign-on (SSO) solution. SSO allows your users to sign in to multiple applications with a single set of credentials. This can be a good option if you have a lot of applications that your users need to access.

  • John Schoenstein


    Our server is behind a firewall, but we have certain accounts that need to log in from the outside to transfer data in and out of the company along with shared files sent out by our users. Specifying which interfaces that they can log in to, we can have one for internal users with SSO/AD/LDAP and one with cerberus users. 

  • Dana Anderson
    Product Support

    Completely understand. 

    It would be helpful to have the option to specify on a listener if the authentication is an AD/LDAP user or a local user. This would allow you to control who has access to your Cerberus server.

    For example, you could have one listener that is only accessible to local users. This would allow you to share links with people not on your network. You could also have another listener that is only accessible to AD/LDAP users. This would allow you to control who can access your Cerberus server from the internet.

    Hopefully it's something we can include in a future edition of Cerberus. 

  • Eric Henson

    I would like to have a listener that requires SFTP+key authentication, that doesn't support SFTP+password. So that I can have one listener for password and one for public key.

  • Connor Woolfolk
    Community Manager

    Hello Eric,

    So I did spin up an enhancement request around that functionality at the time you submitted it. It's still active, I will reach out and let our team know that you're still interested. Sometimes features do take some time to get implemented, but I do appreciate you checking in on this.


Please sign in to leave a comment.