|Configuring for Other Aspera Products|
The steps below show how to set up IBM Aspera Enterprise Server as a transfer server for IBM Aspera Shares. The procedure assumes you have already set up your Shares application. For general information on setting up a transfer server (using the Node API), see Managing the Node API.
Follow the instructions in Standard Installation to install Enterprise Server either locally (on the same host as Shares) or remotely.
The steps below must be performed as root.
# /opt/aspera/bin/asnodeadmin -a -u node_api_username -p node_api_passwd -x aspera_user_1
# useradd aspera_user_1
After you've created the operating system account, set up this user in Enterprise Server. For instructions on setting up a user, see Setting Up Users.
For example, if the file transfer user is aspera_user_1, the standard location for the public key is in the user's home directory, as follows:
The Aspera-provided key file is located in:
On the command line, run the following to create the user's public key folder (if it does not already exist):
# mkdir /home/aspera_user_1/.ssh
Run the following commands to create the keyfile authorized_keys (if it does not already exist), and append the key text to it. Update the directory permissions and ownership if necessary.
# cat /opt/aspera/var/aspera_tokenauth_id_rsa.pub >> /home/aspera_user_1/.ssh/authorized_keys
Run the following commands to change the key directory and keyfile's ownership to user aspera_user_1, to allow access by the aspera_user_1 group, and to set permission bits:
# chown -R aspera_user_1:aspera_user_1 /home/aspera_user_1/.ssh/authorized_keys # chmod 600 /home/aspera_user_1/.ssh/authorized_keys # chmod 700 /home/aspera_user_1 # chmod 700 /home/aspera_user_1/.ssh
<central_server> <persistent_store>enable</persistent_store> </central_server> <server> <server_name>server_ip_or_name</server_name> </server> <http_server> <http_port>8080</http_port> <enable_http>1</enable_http> <https_port>8443</https_port> <enable_https>1</enable_https> </http_server>
Whenever you change these settings, you must restart asperacentral and asperanoded.
# /etc/init.d/asperanoded restart # /etc/init.d/asperacentral restart
<user> <name>aspera_user_1</name> <authorization> <transfer> <in> <value>token</value> </in> <out> <value>token</value> </out> </transfer> <token> <encryption_key>gj5o930t78m34ejme9dx</encryption_key> </token> </authorization> <file_system> ... ... </file_system> </user>
Alternatively, you can configure token-authorization settings in a <group> section to be applied to all users in the group. Or, you can configure the settings in the <default> section to apply them globally for all users.
For additional details on configuring token authorization, see Setting Up Token Authorization.