Server configurations

General syntax

This collection of commands configures settings that are related to transfer server features such as the Aspera Node API service (asperanoded), Aspera Watch Service, Aspera Watchfolders, and Aspera Proxy.

The syntax for setting server parameters is the following:

$ asconfigurator -x "set_server_data;parameter,value"
Note: Not all available parameters are listed, only the most commonly used. To view a complete list, run the following command:
$ /Library/Aspera/bin/asuserdata -+

Transfer server

server_name
The hostname or IP address of this Aspera transfer server.
Values: (String).
transfers_multi_session_default
The default value for the number of sessions in a multi-session transfer.
Values: (Number, default 1).
transfers_retry_duration
The time duration during which transfer retries are attempted.
Values: (Time value, default 20 m).
transfers_retry_all_failures
Whether a transfer must be retried after all failures (true) or not (false). If set to false, transfers are not retried for failured deemed unretryable, such as for permission failures.
Values: false (default), true.
http_port
The HTTP port on which the asperanoded service listens.
Values: 9091 (default). Must be above 1024.
https_port
The HTTPS port on which the asperanoded service listens.
Values: 9092 (default). Must be above 1024.
enable_http
Whether HTTP is enabled for asperanoded on the port that is configured for http_port (true) or not (false).
Values: false (default), true.
enable_https
Whether HTTPS is enabled for asperanoded on the port that is configured for https_port (true) or not (false).
Values: true (default), false.
cert_file
The full path of the SSL certificate file for asperanoded.
Values: (Absolute file path).
ssh_host_key_fingerprint
The SSH key fingerprint used by Aspera clients to determine the server's authenticity. The client confirms a server's authenticity by comparing the server's fingerprint with the trusted fingerprint.
Values: (String).
ssh_host_key_path
The path to the transfer server's public or private key file, from which the fingerprint is extracted automatically.
Values: (Absolute file path).
ssh_port
The port to use for SSH authentication of transfer users.
Values: (Number, default 33001).
max_response entries
The maximum number of items the Node API returns on calls.
Values: (Number, default 1000).
max_response time_sec
The time limit in seconds before an unresponsive Node API response times out.
Values: (Number, default 10).
db_dir
The path to the directory where the redis database file for the Node API is saved.
Values: (Absolute path).
db_port
The port on which the redis database for the Node API listens.
Values: (Number, default 31415).
activity_logging
Whether transfer logs must be queriable through the Node API (true) or not (false).
Values: false (default), true.
watchd_enabled
Whether the Watchfolder (asperawatchd) service is enabled (true) or not (false).
Values: false (default), true.
ssl_ciphers
The list of SSL encryption ciphers that the server allows. Each cipher is separated by a colon (:). See the server documentation for the default list of ciphers.
Values: (Colon-delimited list).
ssl_protocol
The minimum allowed SSL protocol. Higher security protocols are always allowed.
tlsv1 (default), tlsv1.1, tlsv1.2.

Aspera proxy

proxy_enabled
Whether forward proxy is on (true) or off (false).
Values: false (default), true.
proxy_authentication
Whether to enable the authentication requirement for the forward proxy server (true) or not (false).
Values: false (default), true.
proxy_bind_ip_address
The IP address that the forward proxy server binds to (also the IP address that the client connects to). 0.0.0.0 allows the proxy server to bind to all available interfaces.
Values: (IP address, default 0.0.0.0).
proxy_bind_ip_netmask
The netmask that the forward proxy server binds to (also the netmask that the client connects to).
Values: (String).
proxy_port_range_low
The lower bound of the port range for the forward proxy.
Values: (Number, default 5000).
proxy_port_range_high
The upper bound of the port range for the forward proxy.
Values: (Number, default 10000)
proxy_cleanup_interval
The interval in seconds at which the forward proxy server scans and cleans up expired sessions.
Values: (Number, default 0).
proxy_keepalive_internal
The interval in seconds at which the ascp client sends keep-alive requests. This option is propagated to the client.
Values: (Number, default 0).
proxy_session_timeout
The interval in seconds after which a session times out if no keep-alive updates were received.
Values: (Number, default 0).
rproxy_rules_rule_proxy_port
The reverse proxy server port that receives UDP traffic.
Values: (Number, default 33001).
rproxy_rules_rule_host
The IP address and SSH port of the internal destination. If unspecified the default port is 22.
Values: (IP address and port).
rproxy_rules_rule_hosts
The list of IP addresses and SSH ports for the load-balancing feature. The first character is a separator (preferably a "|") which can be used to set multiple hosts. For example, |10.0.23.123:33001|10.0.23.124:33001|10.0.23.125:33001.
Values: (Character separator)(IP address)[(Character separator)(IP address)]
rproxy_rules_rule_squash_user
The account name that is used for authenticating with the internal server.
Values: (String).
rproxy_rules_rule_key_file
The path to the SSH private key for authenticating with the internal server.
Values: (Absolute path).
rproxy_rules_rule_udp_port_reuse
Whether the reverse proxy must reuse the UDP port (true) or not (false). Setting this to false enables reverse proxy to create iptables rules that increment the UDP port number that clients connect to, and the internal server's UDP port to which transfers are routed to.
Values: true (default), false.
rproxy_rules_rule_balancing
The method for distributing transfers as part of the load-balancing feature. Currently, round-robin is the only supported method.
Values: round-robin (default).
rproxy_enabled
Whether reverse proxy is on (true) or off (false).
Values: false (default), true.
rproxy_log_level
The level of debug messages to log for reverse proxy.
Values: 0 (default), 1, 2.
rproxy_log_directory
The reverse proxy server log file location. If no value is set, the proxy logs to syslog.
Values: (Absolute path).