|
|
# Prerequisites
|
|
|
|
|
|
If you want to be able to use the tool smoothly, make sure that you have:
|
|
|
|
|
|
- **OS: macOS or Linux distribution** - This script can only run on those operative systems, it might be possible to run it on Windows 10 with bash installed but it has not been tested
|
|
|
- **SSH: public key uploaded** - This script is assuming that you have generated and transferred your public SSH key to the SPSP SFTP Server. If not, please read the [Installation](#installation) chapter
|
|
|
- **GPG: gpg available** - This script uses [GnuPG](https://gnupg.org/) to encrypt the data , make sure that it is installed and you can run this command (`which gpg`)
|
|
|
- **COMMANDS: commands available** - The Transfer Tool relies on multiple commands such as: `sha256sum` or `shasum`, `tar`, `sftp`, `nc` and `gpg`, to perform different operations needed. Make sure that all of them are available (`which sha256sum` for example)
|
|
|
- **(Optional) CRON: automatic mode** - If you want to activate the automatic mode of the Transfer Tool make sure that you can setup a CRON task
|
|
|
|
|
|
## Install the missing packages
|
|
|
|
|
|
Please find below examples of needed packages for specific distributions:
|
|
|
|
|
|
### CentOS
|
|
|
|
|
|
```bash
|
|
|
dnf install -y nc
|
|
|
dnf install -y openssh-clients #Requested for the sftp command
|
|
|
```
|
|
|
|
|
|
### Debian
|
|
|
|
|
|
```bash
|
|
|
sudo apt-get install -y netcat
|
|
|
sudo apt-get install -y gpg
|
|
|
sudo apt-get install -y openssh-client
|
|
|
```
|
|
|
|
|
|
Due to the secure environment where SPSP is hosted, data cannot be directly uploaded via the SPSP online platform. Instead SPSP users should use a dedicated drive within their institution to submit data to SPSP.
|
|
|
|
|
|
Note: The dedicated drive is to be setup by each institution, with the support of SIB ([see below](#set-up-a-shared-drive-between-users-of-the-same-SPSP-group)). Upon registration of your group to SPSP, SIB will ask you to liaise with your IT department to set this up. Data cannot be submitted to SPSP before this drive has been set up.
|
|
|
|
|
|
## Set up a shared drive between users of the same SPSP group
|
|
|
|
|
|
SPSP users must belong to a SPSP group. All the data submitted by a user of a group is visible to all the users of this group. Thus, if multiple SPSP groups are registered to SPSP in your institution, please make sure to set up separate shared drives for each SPSP group.
|
|
|
|
|
|
The shared drive should be hosted on a Linux server (CentOS ideally), and require authentication using e.g. your institution LDAP. As explained below, data transferred to SPSP is not done by the user but by the SPSP group. Hence, in order to be able to trace back the origin of potential malware submissions, it is essential that access to the shared drive be controlled at the user level.
|
|
|
|
|
|
## Upload the SSH public key
|
|
|
|
|
|
Before using the script, you need to make sure that you create an SSH key pair for group authentication on the SFTP server.
|
|
|
|
|
|
Start by generating a key pair, make sure to replace `user` by your specific ID provided by the board of SPSP. Open a terminal and type:
|
|
|
|
|
|
```bash
|
|
|
ssh-keygen -o -a 64 -t ed25519 -f ~/.ssh/id_ed25519 -C "user@spsp.sib.swiss" #PLEASE REPLACE user WITH YOUR OWN LAB/INSTITUTION ID GIVEN BY SPSP SUPPORT, IF NOT REQUEST ONE
|
|
|
```
|
|
|
|
|
|
You will be asked to `Enter file in which to save the key (/Users/user/.ssh/id_ed25519 or /home/user/.ssh/id_ed25519):`, leave it by default by typing the return key.
|
|
|
|
|
|
Then you will be asked to `Enter passphrase (empty for no passphrase):`, you can leave it empty or type your own passphrase.
|
|
|
|
|
|
You will then be prompted that your SSH public key has been saved to `/Users/user/.ssh/id_ed25519.pub` or `or /home/user/.ssh/id_ed25519.pub`. This is your public key that needs to be authorized on the SPSP SFTP Server.
|
|
|
|
|
|
For the next step, you will need to upload your key. Start by copying your key. Type the following to display the public key:
|
|
|
|
|
|
For macOS:
|
|
|
```bash
|
|
|
cat /Users/user/.ssh/id_ed25519.pub #PLEASE REPLACE user WITH YOUR LOCAL ACCOUNT
|
|
|
```
|
|
|
|
|
|
For linux:
|
|
|
```bash
|
|
|
cat /home/user/.ssh/id_ed25519.pub #PLEASE REPLACE user WITH YOUR LOCAL ACCOUNT
|
|
|
```
|
|
|
|
|
|
Then click [here](mailto:spsp-support@sib.swiss?subject=[SPSP-SFTP]Request%20Authorization) to send your key. Once the key has been validated, you will be notified by mail.
|
|
|
|
|
|
[Installation →](Installation) |
|
|
\ No newline at end of file |