Setting Up Users

Set up system user account for fasp file transfers.

Print this page

NOTE: This topic demonstrates setting up transfer user accounts with the GUI. If you are configuring the users in a Terminal, refer to Setting Up Transfer Users (Terminal).

Your Aspera server uses your system accounts to authenticate connections. These system accounts must be added and configured before attempting an Aspera transfer. When creating transfer accounts, you may also specify user-based settings, including those for bandwidth, document root (docroot) and file handling.

IMPORTANT NOTE: You must create systems accounts for transfer users before they can be configured on your Aspera server. After these system accounts have been created and initialized on your local host, follow the steps below to configure their transfer accounts.

  1. Set up the system user for Web UI authentication.

    On top of SSH authentication, Connect Server uses Apache's authentication to authorize Web UI access. To set up a system user for Apache authentication (asp1), use the htpasswd command to set up the user for Web UI.

    $ htpasswd /opt/aspera/etc/webpasswd asp1

    IMPORTANT NOTE: Use the -c option ONLY if this is the first time running htpasswd to create the webpasswd file. Do not use the -c option otherwise.

  2. Restrict user permissions with aspshell.

    By default, all system users can establish a fasp connection and are only restricted by file permissions. You can restrict the user's file manipulation operations through the aspshell, which permits only the following operations:

    • Run Aspera uploads and downloads to or from this computer.
    • Establish connections in the application and browse, create, delete, rename or list contents.

    The following instructions demonstrate how to change a user account so that it uses the aspshell. Keep in mind that this is an example, and there may be other ways to do so for your system. Open the following file with a text editor:

    /etc/passwd

    Add or replace a user's shell with /bin/aspshell. For example, to apply aspshell to the user asp1, use the following settings:

    ...
asp1:x:501:501:...:/home/asp1:/bin/aspshell
...

    You can also restrict a user's file access with Document Root (docroot) settings. The instructions are explained in the following steps.

  3. Add a system user to your Aspera server.

    Input asperascp in a Terminal (as a root user) to launch the application, and click Configuration.

    Click the Configuration.

    Within Server Configuration, select the Users tab and click the Add user button.

    Add the test user.
  4. Set up user's docroot.

    You may limit the user's access to a given directory using the Document Root (docroot). To set it up, click Configuration > Users (tab) > {User} > Docroot , check the Override box for Absolute Path and enter or select an existing path as the user's docroot (E.g. /sandbox/asp1). Make sure that at least the Read Allowed and Browse Allowed have the value true. Click OK or Apply when finished.

    Set up the docroot.

    If there is a pattern in the docroot of each user, for example, /sandbox/"user name", you can take advantage of the substitutional string. By using the substitutional string, you can assign independent docroot to each user by setting only the global docroot, instead of adding docroot for each user.

    Substitutional String Definition Example
    $(name) The system user's name. /sandbox/$(name)

    To set up docroot with the substitutional string, in the Configuration window, select Global and the Docroot tab, and enter the docroot into the Absolute Path field. When added, this value will be duplicated onto all the users' settings.

    Use the substitutional string for the docroot.