Secure file upload gateway for Galaxy
Hi, Our team at the University of Oslo is building a Life Science Portal based on Galaxy. We operate several standalone instances and we have the necessary sysadmin experience, but we really need to implement a more secure file upload mechanism than FTP (we do not like to send cleartext password credentials in the open ), and we understand that Galaxy does not integrate an upload method other than FTP with reference to this screencast: http://screencast.g2.bx.psu.edu/quickie_17_ftp_upload/flow.html One possible solution for this is to setup an SFTP upload server with a huge scratch space, that runs the SFTP upload gateway on one end and an IP restricted FTP server on the other, so that users can then upload/index the SFTP uploaded data into their Galaxy session via the URL upload field. This two step process might be a bit cumbersome for some of our users and we are looking for ways to simplify it. Do you have best recipes for SFTP/Aspera upload gateway integration to Galaxy? We would welcome advise on that matter. GM Best regards, -- -- George Magklaras PhD RHCE no: 805008309135525 Head of IT/Senior Systems Engineer Biotechnology Center of Oslo and the Norwegian Center for Molecular Medicine/ Vitenskapelig Databehandling (VD) - Research Computing Services - USIT EMBnet TMPC Chair http://folk.uio.no/georgios http://www.uio.no/english/services/it/research/hpc/abel/ Tel: +47 22840535
On Tue, Sep 24, 2013 at 7:58 AM, Georgios Magklaras <georgios@biotek.uio.no> wrote:
Hi,
Do you have best recipes for SFTP/Aspera upload gateway integration to Galaxy? We would welcome advise on that matter.
Hi, I haven't implemented yet, but I'm planning on using plain scp(windows user can use WinSCP). I shouldn't have problems doing so by using this option in universe_wsgi.ini: # Add an option to the library upload form which allows authorized # non-administrators to upload a directory of files. The configured directory # must contain sub-directories named the same as the non-admin user's Galaxy # login ( email ). The non-admin user is restricted to uploading files or # sub-directories of files contained in their directory. user_library_import_dir = /local/opt/galaxy/import_dir Hope it helps, Carlos
Galaxy's FTP support uses ProFTPD, which has modules for both TLS (FTPS) and SFTP. -- James Taylor, Associate Professor, Biology/CS, Emory University On Tue, Sep 24, 2013 at 7:58 AM, Georgios Magklaras <georgios@biotek.uio.no> wrote:
Hi,
Our team at the University of Oslo is building a Life Science Portal based on Galaxy. We operate several standalone instances and we have the necessary sysadmin experience, but we really need to implement a more secure file upload mechanism than FTP (we do not like to send cleartext password credentials in the open ), and we understand that Galaxy does not integrate an upload method other than FTP with reference to this screencast:
http://screencast.g2.bx.psu.edu/quickie_17_ftp_upload/flow.html
One possible solution for this is to setup an SFTP upload server with a huge scratch space, that runs the SFTP upload gateway on one end and an IP restricted FTP server on the other, so that users can then upload/index the SFTP uploaded data into their Galaxy session via the URL upload field. This two step process might be a bit cumbersome for some of our users and we are looking for ways to simplify it.
Do you have best recipes for SFTP/Aspera upload gateway integration to Galaxy? We would welcome advise on that matter.
GM
Best regards,
-- -- George Magklaras PhD RHCE no: 805008309135525
Head of IT/Senior Systems Engineer Biotechnology Center of Oslo and the Norwegian Center for Molecular Medicine/ Vitenskapelig Databehandling (VD) - Research Computing Services - USIT
EMBnet TMPC Chair
http://folk.uio.no/georgios http://www.uio.no/english/services/it/research/hpc/abel/
Tel: +47 22840535
___________________________________________________________ The Galaxy User list should be used for the discussion of Galaxy analysis and other features on the public server at usegalaxy.org. Please keep all replies on the list by using "reply all" in your mail client. For discussion of local Galaxy instances and the Galaxy source code, please use the Galaxy Development list:
http://lists.bx.psu.edu/listinfo/galaxy-dev
To manage your subscriptions to this and other Galaxy lists, please use the interface at:
To search Galaxy mailing lists use the unified search at:
participants (3)
-
Carlos Borroto
-
Georgios Magklaras
-
James Taylor