Setting Up Transfer Users (Terminal)

Add system users on your computer, and configure the account for the fasp transfer.

Aspera transfer products use system accounts for connection authentication, and these accounts require additional configuration for Aspera transfers. You can specify user-based settings, such as bandwidth, document root (docroot), and file handling rules.

Follow these steps to set up transfer accounts in a command terminal:

  1. Open aspera.conf with a text editor.

    To set up system users for FASP files transfers, locate the Aspera transfer product's configuration file, aspera.conf, and open it with a text editor:

    /opt/aspera/etc/aspera.conf

    You can find an example of aspera.conf in the following location:

    /opt/aspera/etc/samples/aspera-everything.conf

    The following steps explain how to update this file.

  2. Restrict user permissions with aspshell.

    By default, all system users can establish a FASP connection and are only restricted by file permissions. You can restrict the user's file operations through the aspshell, which permits only the following operations:

    • Running Aspera uploads and downloads to or from this computer.
    • Establishing connections in the application, and browsing, creating, deleting, renaming, or listing contents.

    The following steps explain how to change a user account so that it uses the aspshell. Keep in mind that this is an example, and there may be other ways to do so on your system. Open the following file with a text editor:

    /etc/passwd

    Add or replace the user's shell with aspshell. For example, to apply aspshell to the user aspera_user_1, use the following settings in this file:

    ...
    aspera_user_1:x:501:501:...:/home/aspera_user_1:/bin/aspshell
    ...

    You can also restrict a user's file access with docroot (document root) settings in the <file_system/> section of aspera.conf, using the following tags: <absolute/>, <read_allowed/>, <write_allowed/>, and <dir_allowed/>. For details, see aspera.conf - File System.

  3. Configure a user's transfer settings.

    Besides the default (global) transfer settings, you can also create user-specific transfer settings. Point-to-Point picks up settings in the order of user, global, and default. In the following example, Point-to-Point applies settings in bold text to aspera_user_1:

    Settings User aspera_user_1 Global Default
    Target rate 5M 40M 45M
    Docroot n/a /pod/$(name) n/a
    Encryption n/a n/a any

    Add the following section to aspera.conf:

    <?xml version='1.0' encoding='UTF-8'?>
    <CONF version="2">
       <aaa>
          <realms>
             <realm>
                <users>
                   <user>
                      <name></name> <!-- user name -->
                      <authorization>...</authorization> <!-- authorization settings -->
                      <transfer>...</transfer> <!-- transfer settings -->
                      <file_system>...</file_system> <!-- file system settings -->
                   </user>
                   <user><!-- another user's profile -->
                      ... <!-- settings -->
                   </user>
                </users>
             </realm>
          </realms>
       </aaa>
       ...
    </CONF>
  4. Verify the configuration.

    When you have finished updating the user's settings in the aspera.conf, use the following command to verify it. (In this example, verify the settings for user asp_1):

    $ /opt/aspera/bin/asuserdata -b -u asp_1