Get Started with an Aspera Transfer Server

As a server, HST Server is a remote endpoint that accepts authenticated connections from Aspera client applications and that participates as a source or destination for authorized transfers. Your server can also take the role of a client and connect to other Aspera servers to initiate transfers. The following steps describe how to prepare your system as a server.

Review the system requirements and install HST Server.
See Installing HST Server.
Secure your server.
For a compilation of Aspera-recommended security best practices, see Configuring Shares Security.
1. Configure your firewall (see Configuring the Firewall).
2. Change and secure the TCP port (see Securing Your SSH Server).
3. Determine if you want to use server-side encryption at rest. See Server-Side Encryption at Rest (EAR) for instructions on configuring this in the GUI or Server-Side Encryption-at-Rest (EAR) for instructions on configuring this from the command line.
You can also restrict user access to your server, which is described in a later step.
Set up the HST Server web UI (deprecated), if using.
See HST Server Web UI (Deprecated) for instructions.
Add users and configure their access.
Aspera client applications authenticate to the server using operating system accounts on the server. For example, if a remote client user, "marketing_mgr" wants to transfer with the server, add marketing_mgr as a system user on the server and then add marketing_mgr as an Aspera transfer user. To secure your server, restrict marketing_mgr's access to only certain directories on the server (set a docroot), set transfer permissions, and set the default shell as aspshell.
1. For instructions on adding users, assigning users to aspshell, and setting a docroot, see Setting Up Users for instructions using the GUI or Setting Up Transfer Users (Terminal).
2. If you prefer to have your users authenticate to the server using SSH keys rather than with passwords, gather their public keys and install them on the server. For instructions, see Setting Up a User's Public Key on the Server.
Configure transfer settings and control bandwidth usage.
Aspera FASP transfers can be configured globally, by group, or by user. You can set bandwidth caps and limit the total number of transfers. For more information on user-specific settings, see Transfer Server Configuration or aspera.conf - Transfer Server Configuration.
You can also set "virtual" bandwidth caps that can be assigned to incoming or outgoing transfers by group or by user. For more information, see Controlling Bandwidth Usage with Virtual Links (GUI) or Controlling Bandwidth Usage with Virtual Links (Command Line).
Set up file validation and processing, if needed.
You can protect your server against malicious software in uploaded files by using out-of-line file validation or inline file validation. For more information, see Out-of-Transfer File Validation and Inline File Validation.
You can configure your server to run other customized scripts when an individual file transfer starts or stops, or when a transfer session starts or stops. For more information, see File Pre- and Post-Processing (Prepost).
If your server is installed on a virtual machine in object storage, update the configuration as required.
For more information, see Configuring for Object Storage and HDFS.
Test that a remote client can access and transfer with your server.
For instructions, see Testing a User-Initiated Remote Transfer. If you have problems, review the topics in Troubleshooting.

Once you confirm that remote clients can access your server, your basic server set up is complete.

If you want to automatically distribute files and folders to clients when they are added to a specific folder on the server, see Introduction to Watch Folders and the Aspera Watch Service.
If you want to enable server-based clients to synchronize files with your server, with the ability to synchronize bidirectionally, see Monitor Sync Jobs.