MicrosoftDocs
diff --git a/‎articles/storage/blobs/media/secure-file-transfer-protocol-support/verify-opensshcert.jpg‎
-88.2 KB b/‎articles/storage/blobs/media/secure-file-transfer-protocol-support/verify-opensshcert.jpg‎
-88.2 KB
diff --git a/‎articles/storage/blobs/media/secure-file-transfer-protocol-support/verify-opensshcert.png‎
127 KB b/‎articles/storage/blobs/media/secure-file-transfer-protocol-support/verify-opensshcert.png‎
127 KB
diff --git a/‎articles/storage/blobs/secure-file-transfer-protocol-support-entra-id-based-access.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/storage/blobs/secure-file-transfer-protocol-support-entra-id-based-access.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/storage/blobs/secure-file-transfer-protocol-support.md‎
Lines changed: 3 additions & 3 deletions b/‎articles/storage/blobs/secure-file-transfer-protocol-support.md‎
Lines changed: 3 additions & 3 deletions
@@ -224,7 +224,7 @@ Use the following command to view the OpenSSH certificate:
 
 The _Principals_ section contains the username:
 
-:::image type="content" source="./media/secure-file-transfer-protocol-support/verify-opensshcert.jpg" alt-text="Screenshot of the principals section in the command ouput.":::
+:::image type="content" source="./media/secure-file-transfer-protocol-support/verify-opensshcert.png" alt-text="Screenshot of the principals section in the command ouput.":::
 
 For security reasons, the OpenSSH certificate is valid for 65 minutes. After this period, you need to request a new certificate to initiate any further transactions.
 
 
@@ -43,6 +43,9 @@ Different protocols are supported by the hierarchical namespace. SFTP is one of
 
 ## SFTP permission model
 
+> [!TIP]
+> The ability to use Microsoft Entra ID to authorize SFTP transfers is currently now in public preview. To learn more about configuring entra-id based access, see  [Authorize SSH File Transfer Protocol (SFTP) access to blobs using Microsoft Entra ID](secure-file-transfer-protocol-support-entra-id-based-access.md).
+
 SFTP utilizes a new form of identity management called _local users_.
 
 Local users must use either a password or a Secure Shell (SSH) private key credential for authentication. You can have a maximum of 25,000 local users for a storage account.
@@ -56,9 +59,6 @@ To set up access permissions, you create a local user, and choose authentication
 
 Enabling SFTP support doesn't prevent other types of clients from using Microsoft Entra ID. For users that access Blob Storage by using the Azure portal, Azure CLI, Azure PowerShell commands, AzCopy, as well as Azure SDKs, and Azure REST APIs, you can continue to use the full breadth of Azure Blob Storage security setting to authorize access. To learn more, see [Access control model in Azure Data Lake Storage](data-lake-storage-access-control-model.md).
 
-> [!TIP]
-> The ability to use Microsoft Entra ID to authorize SFTP transfers is currently now in public preview. To learn more about configuring entra-id based access, see  [Authorize SSH File Transfer Protocol (SFTP) access to blobs using Microsoft Entra ID](secure-file-transfer-protocol-support-entra-id-based-access.md).
-
 ## Authentication methods
 
 You can authenticate local users connecting via SFTP by using a password or a Secure Shell (SSH) public-private keypair. You can configure both forms of authentication and let connecting local users choose which one to use. However, multifactor authentication, whereby both a valid password and a valid public-private key pair are required for successful authentication isn't supported.