Configuring Credential Manager for secure transfers that use Aspera NodeD Service (asperanoded)
To run processes that involve the asperanoded service, the
transfer user must run as a system user. Credential Manager stores the
necessary credentials for ascp
or async
transfers that use
WebSocket, or for Node API calls that access the /ops/transfers
endpoint.
Adding the system user credentials to Credential Manager allows the
service user, svcAspera
(by default) to create a login session for the transfer
user by using the stored credentials.
Credential Manager
Add the system user credentials to Credential Manager on the same machine where HSTS is installed:
- Open a command prompt window and run the following
commands:
runas /user:svcAspera cmd.exe cmdkey /generic:xfer /user:xfer /pass:<password>
svcAspera
refers to the service account running eitherasperanoded
orsshd
, whilexfer
refers to the system user account used by theascp
transfer user.By running these commands, you instruct Windows to run command prompt as the system user
svcAspera
. After entering the password, another command prompt window opens, where you can run the transfers.To confirm that the command prompt is running as the system user, the title bar must display cmd.exe (running as xfer\svcAspera).
After this setup, transfers created with ascp
and async
that use WebSocket require entering credentials that are authenticated through Credential
Manager, while transfers initiated by using the Node API endpoint
/ops/transfers
use securely stored credentials, eliminating the need to reenter
them for each transfer.