Working With Remote Servers |
Follow the steps below to set up a remote transfer-server node for IBM Aspera Faspex on Demand.
This is the user who authenticates the actual ascp transfer, and must be an operating system account. Run the following commands to create the system user "faspex."
# /usr/sbin/groupadd -r faspex # /usr/sbin/useradd -r faspex -s /bin/aspshell-r -g faspex
# mkdir -p /home/faspex/faspex_packages # chown faspex:faspex /home/faspex/ # chown faspex:faspex /home/faspex/faspex_packages
Add the faspex package directory as a docroot in aspera.conf. The aspera.conf file can be found in the following location:
/opt/aspera/etc/aspera.conf
Below is a typical Faspex aspera.conf file. Yours may differ, particularly if you have installed other Aspera products. Modify the following, as necessary:
<?xml version='1.0' encoding='UTF-8'?> <CONF version="2"> <central_server> <address>127.0.0.1</address> <port>40001</port> <compact_on_startup>enable</compact_on_startup> <persistent_store>enable</persistent_store> <persistent_store_on_error>ignore</persistent_store_on_error> <persistent_store_max_age>86400</persistent_store_max_age> <event_buffer_overrun>block</event_buffer_overrun> </central_server> <default> <file_system> <pre_calculate_job_size>yes</pre_calculate_job_size> </file_system> </default> <aaa> <realms> <realm> <users> <user> <name>faspex</name> <file_system> <access> <paths> <path> <absolute>/home/faspex/faspex_packages</absolute> <show_as>/</show_as> <dir_allowed>true</dir_allowed> </path> </paths> </access> <directory_create_mode>770</directory_create_mode> <file_create_mode>660</file_create_mode> </file_system> <authorization> <transfer> <in> <value>token</value> </in> <out> <value>token</value> </out> </transfer> <token> <encryption_key>af208360-dbdd-4033-a35b-2370941f37e9</encryption_key> </token> </authorization> </user> </users> </realm> </realms> </aaa> <http_server> <http_port>8080</http_port> <enable_http>1</enable_http> <https_port>8443</https_port> <enable_https>1</enable_https> </http_server> <server> <server_name>SERVER_IP_OR_NAME</server_name> </server> </CONF>
After modifying aspera.conf, restart Aspera Central and Aspera NodeD services.
# /etc/init.d/asperacentral restart # /etc/init.d/asperanoded restart
If you need to update your transfer server license (by following the instructions in the Updating Product License section of the Enterprise Server Admin Guide), you must reload the asperanoded service afterwards. Reload the asperanoded service by running asnodeadmin.exe, found in the following location:
# /opt/aspera/bin/asnodeadmin --reload
Run the following commands to set up the node user (where "node-admin" is the node user, "s3cur3_p433" is his password and "faspex" is the system user), and then reload asperanoded.
# /opt/aspera/bin/asnodeadmin -a -u node-admin -p s3cur3_p433 -x faspex # /opt/aspera/bin/asnodeadmin --reload
First, locate your Connect Browser Plug-in key as follows:
/opt/aspera/var/aspera_id_dsa.pub
# mkdir -p /home/faspex/.ssh
# cat /opt/aspera/var/aspera_id_dsa.pub >> /home/faspex/.ssh/authorized_keys
# chown faspex:faspex /home/faspex/.ssh # chown faspex:faspex /home/faspex/.ssh/authorized_keys # chmod 600 /home/faspex/.ssh/authorized_keys # chmod 700 /home/faspex # chmod 700 /home/faspex/.ssh
Follow the instructions in the topic "Configuring a Remote Server in Faspex for configuring your remote transfer server in the Faspex Web GUI (Server > File Storage).