Errors 5 and 51 are FASP error codes that refer to insufficient permissions of transfer users.
Transfer users must have permission to access their docroot and the files within it. A docroot is a directory on the server that the user is constrained to access and transfer with, along with any of its subdirectories. These permissions must be configured on the operating system.
You can also configure certain permissions on the Aspera server. Transfer users have read, write, overwrite and browse permissions when accessing your server, and if these are denied to users they will receive the insufficient permissions error. This is expected if you want to limit certain users’ capabilities on the server.
Examples of this error
This error can manifest itself in several ways, including in the GUI application for your server, the command line if you’re transferring with
ascp, and in the transfer log file. Additionally, this error can appear when using the Connect browser plug-in to download files from Faspex.
GUI and ascp
If your transfer user does not have operating system permission to the docroot you will see the following error when trying to make a transfer via
ascp, or the error window below when making a transfer via the GUI:
Error 51 [Destination: Permission denied]
Session Stop (Error: insufficient permissions)
If your transfer user does not have browse access to the docroot on the Aspera server and you attempt to connect to the server on the GUI, you will receive an error message similar to the following:
If your transfer user does not have read access to the docroot on the Aspera server and you attempt to download files, you will see the following error message on the command line or in the status of your transfer in the GUI:
Read access denied for user
If your transfer user does not have write access to the docroot on the Aspera server and you attempt to upload files, you will see the following error message on the command line or in the status of your transfer in the GUI:
Write access denied for user
Overwrite permission on the Aspera server is the ability to upload files that replace existing files on the server. If your transfer user does not have overwrite permission and attempts to overwrite an existing file, you will see the following error message on the command line or in the status of your transfer in the GUI:
aspera-scp-transfer.log file records helpful information for each attempted transfer, labelled by the date and time attempted. For a reference of the location of this log file on your system, please see this article (Where are the Client or Server logs located?).
A sample of what would be logged for a failed transfer with error code 5 and 51 is the following:
2015-09-15 14:25:02 [2648-00002074] ERR Insufficient permissions
2015-09-15 14:25:03 [2648-00002074] ERR FASP sender had error, errcode 51 errstr [Insufficient permissions]
2015-09-15 14:25:03 [2648-00002074] ERR Peer FASP receiver had error, errcode 51 errstr [Insufficient permissions]
2015-09-15 14:25:03 [2648-000009a8] LOG FASP Session Stop uuid=014df55c-d42d-42db-9158-43eda0208d77 op=send
status=failed errcode=5 errstr="Insufficient permissions"
Connect browser plugin
When attempting to download a Faspex package that has been encrypted with Encryption at Rest (in other words, with a password), you receive this error if you supply the wrong password at the prompt.
1. Ensure that your transfer user has permission to access its docroot and the files within on the operating system level.
On Unix-like systems (Linux and Mac OS X)
You can check the permissions of the folder with the following command:
# ls -ld docroot_directory
Within the docroot, you can check the permissions of files and subfolders with the following command:
# ls -l
Below is an example of problematic output:
d--xr-x--x 32 janedoe wheel 1088 Sep 16 11:45 my_docroot/
At minimum you need read and write access to the docroot folder and any files within it. In the above example user janedoe owns the my_docroot folder and lacks these permissions, as shown by the leftmost
You can give the user read and write permissions by running the following command:
# chmod u+rw docroot_directory
If you want to give the user hgranger access to this docroot folder or any of its files, even though janedoe is the owner, you will need to give all other users read and write permissions. The permissions are lacking in the example above as shown by the rightmost --x. You can give other users read and write permission by running the following command:
# chmod o+rw docroot_directory
Right click the docroot directory folder and select Properties. Click the Security tab.
If you do not see the transfer user in the list of user names, or if the user is lacking Read and Write permissions you will need to configure these permissions.
Click the Edit button. Next, if your transfer user is not in the list, click Add. In the resulting window, type in the transfer username and select OK.
Now that your transfer user is in the list, select the user.
Check the Allow checkboxes for the Read and Write permission. Select OK.
The above process can be repeated on individual files if the error still occurs after giving your user permissions to the docroot.
2. Check the Aspera permissions of the transfer user.
The four permissions are as follows:
- Read: Permission to download files from the docroot
- Write: Permission to upload files to the docroot
- Browse: Permission to view the docroot
- Overwrite: Permission to overwrite files
You can configure these permissions in the GUI by clicking the Configuration button. In the left panel click Users and select the transfer user you want to configure. On the Docroot tab you can change the docroot path, as well as the read, write and browse permissions.
A value of true gives the transfer user the permission, and a value of false denies them the permission.
To configure the overwrite permission, click the File Handling tab. For the Overwrite setting, a value of allow gives the transfer user overwrite permission, and a value of deny denies them the permission.
You can also edit the
aspera.conf configuration file directly if you prefer not to use the GUI. Below is an example of what the configuration for user janedoe’s permissions might look like:
<absolute>/my_docroot</absolute> <!-- docroot path -->
<read_allowed>true</read_allowed> <!-- read permission -->
<dir_allowed>true</dir_allowed> <!-- browse permission -->
<write_allowed>true</write_allowed> <!-- write permission -->
<overwrite>allow</overwrite> <!-- overwrite permission -->
3. If you are downloading an encrypted package from Faspex, verify the password you are providing is correct.
If you do not have the password at hand you can still download the package by selecting Keep files encrypted. Note that in order to decrypt and access the package you still will ultimately need to provide the correct password.