Skip to content

ODBC Authentication

To use ODBC Authentication, you must first create a table in database and Creating a system data source name (DSN).

MFT server ODBC authentication

Table Name

Name of the table containing the authentication information.

User Field Name

This field holds the username.

Password Field Name

This field holds the login password. Depending on whether the Password Salt Field Name is enabled, it might not be the plain password.

Password Salt Field Name

The field contains the salt value for generating a derivated password hash using the PBKDF2 algorithm. This avoids the security risk of storing plain passwords. The adjacent checkbox must be selected to enable this feature.

When not enabled, the password field is considered to store the plain password.

When enabled, TurboFTP Server will combine the login password supplied by the connecting client and the salt value of the user, to calculate the PBKDF2 key and then compare it against the one stored in the database. If both match, it considers the user has supplied the correct password, and the authentication is successful.

The end user must create the derived keys using the PBKDF2 algorithm and store them in the database in advance. The salt value should be at least 64-bit (8-byte) long, the iteration count is 1000, and the output key length is 20-byte. The derived key and salt value must be stored in hexadecimal string format. The following is an example of a row of data when using PBKDF2 derived key to store passwords in the table.

ODBC PBKDF2

Connection String

The ODBC driver connection string for connecting to the database server.

User Database Polling Interval

Select a polling option from the User Database Polling Interval drop-down list. This specifies how often the server updates the user list from the external database.

Test

Test connection with the database server with the supplied connection string.

Please note that the maximum length of the above fields is 255 bytes.