Setting Up Transfer Users (Terminal)

Add system users on your computer, and configure the account for the fasp transfer.

Aspera transfer products use system accounts for connection authentication, and these accounts require additional configuration for Aspera transfers. You can specify user-based settings, such as bandwidth, document root (docroot), and file handling rules.

Follow these steps to set up transfer accounts in a command terminal:

  1. Open aspera.conf with a text editor.

    To set up system users for FASP files transfers, locate the Aspera transfer product's configuration file, aspera.conf, and open it with a text editor:

    /opt/aspera/etc/aspera.conf

    You can find an example of aspera.conf in the following location:

    /opt/aspera/etc/samples/aspera-everything.conf

    The following steps explain how to update this file.

  2. Restrict user permissions with aspshell.

    By default, all system users can establish a FASP connection and are only restricted by file permissions. You can restrict the user's file operations through the aspshell, which permits only the following operations:

    • Running Aspera uploads and downloads to or from this computer.
    • Establishing connections in the application, and browsing, creating, deleting, renaming, or listing contents.

    The following steps explain how to change a user account so that it uses the aspshell. Keep in mind that this is an example, and there may be other ways to do so on your system. Open the following file with a text editor:

    /etc/passwd

    Add or replace the user's shell with aspshell. For example, to apply aspshell to the user aspera_user_1, use the following settings in this file:

    ...
    aspera_user_1:x:501:501:...:/home/aspera_user_1:/bin/aspshell
    ...

    You can also restrict a user's file access with docroot (document root) settings in the <file_system/> section of aspera.conf, using the following tags: <absolute/>, <read_allowed/>, <write_allowed/>, and <dir_allowed/>. For details, see aspera.conf - File System.

  3. Configure a user's transfer settings.

    Besides the default (global) transfer settings, you can also create user-specific and group-specific transfer settings. The user-specific settings have the highest priority, overriding both group and global settings.

    Add the following section to aspera.conf:

    <?xml version='1.0' encoding='UTF-8'?>
    <CONF version="2">
       <aaa>
          <realms>
             <realm>
                <users>
                   <user>
                      <name></name> <!-- user name -->
                      <authorization>...</authorization> <!-- authorization settings -->
                      <transfer>...</transfer> <!-- transfer settings -->
                      <file_system>...</file_system> <!-- file system settings -->
                   </user>
                   <user><!-- another user's profile -->
                      ... <!-- settings -->
                   </user>
                </users>
             </realm>
          </realms>
       </aaa>
       ...
    </CONF>
  4. Verify the configuration.

    When you have finished updating the user's settings in the aspera.conf, use the following command to verify it. (In this example, verify the settings for user asp_1):

    $ /opt/aspera/bin/asuserdata -b -u asp_1