Syntax Error - Press Play on Tape -

17Sep/130

sshfs and autofs – The perfect marriage

Creddz go to Thomas Jansson at http://www.tjansson.dk/?p=84.

What is sshfs and why is it so great?

sshfs is a file system in userspace (FUSE) and can be used to mount a remote ssh account locally in a folder. This is absolutely great – If I need to work on files from my server I can use the simple command:
sithson@dagobah:~$sshfs sithson@dagobah: sshfs/

which mounts the remote file system on bar.com over a encrypted connection to the folder sshfs/ – none of the programs is aware the files are remote and working on a file in the folder sshfs/ is the same as for local files – at least if the connection is fast enough.

What is autofs and what why is this even better than plain sshfs?

The great thing thing about autofs is that the line above is no longer needed. The mounting of the remote file system is done in the moment I try to access the folder by the autofs daemon. sshfs and autofs together makes a encrypted remote file system available to the user and the system in a totally transparent way. Once the setup is complete the user will never need to know that the files are actually on a remote server.

Installation of FUSE

The installation is pretty straight forward. First the packages needs to be loaded.
root@dagobah:~# apt-get install sshfs fuseutils autofs

Second the module needs to be loaded into the kernel:
root@dagobah:~# modprobe fuse

and since this module should be loaded on every startup of the computer the line:
fuse
should be added to the file /etc/modules. The last part of setting up FUSE is to add the users which should be able to use FUSE to the FUSE usergroup.
root@dagobah:~# usermod -a -G fuse sithson

This will work when logged out and in again.

Configuring ssh and autofs

First I need to create a set of ssh-keys so I don’t have to write my password every time the connection is established.
root@dagobah:~# ssh-keygen -t dsa

Next the public key needs to be transported to the remote server (bar.com) with the login "sithson".
root@dagobah:~#ssh-copy-id -i .ssh/id_rsa.pub sithson@dagobah

Now I need to create a folder where the remote folder should be mounted.
root@dagobah:~# mkdir /mnt/sshfs

The next thing is to add a line to the file /etc/auto.master but before this is done. I need to know the userid, so I run:
sithson@dagobah:~$cat /etc/passwd | grep sithson
sithson:x:1000:1000:sithson,,,:/home/sithson:/bin/bash

So my userid is 1000. The file in /etc/auto.master now needs the line:
/mnt/sshfs /etc/auto.sshfs uid=1000,gid=1000,--timeout=30,--ghost

And finally we need to create the file /etc/auto.sshfs and add lines similar to this:
bar -fstype=fuse,rw,nodev,nonempty,noatime,allow_other,max_read=65536 :sshfs\#sithson@dagobah\:

This will mount the remote system in the folder /mnt/sshfs/bar/ every time I access that folder. If I’m not using the folder for 30 seconds it will be unmounted. Absolutely amazing and very very useful.

Epilogue

If you have several servers you just need to add line for each in the file /etc/auto.sshfs. Finally it should also be stated that the are some security considerations to take into account. If this done on a laptop and the laptop is stolen the burglar could gain access to the remote systems.

References
http://www.mccambridge.org/blog/2007/05/totally-seamless-sshfs-under-linux-using-fuse-and-autofs/
http://www.tjansson.dk/?p=18 - In danish on sshfs, encfs and FUSE.

Tagged as: , , No Comments