At home i have a unix (unslung) based router with an usb harddisk mounted on it wich supports ssh and scp
My goal is to have access to that remote file system as it was a local file system from the folder /RemoteDiskSSH on my Laptop running Ubuntu 7.10
I want it to be a secure connection because i allso want to be able to have access to the remote file system over the internet.
For me automaticly mounting and dismounting the remote drive with sshfs is the solution for me.
As I justinstalled gutsy Ubuntu 7.10 I wrote along this howto in order to document it for my self but allso for others to use. .
First the package sshfs is needed.
This can be installed with the synaptics package manager. Search for sshfs, mark it and have it installed.
After installed sshfs installed, test if you can mount a ssh/scp accessable remote file system.
create a directory where you want to mount it on
sudo mkdir /RemoteDiskSSH
Mount the desired remote directory on your local file system.
If all went oke you can now access the remote file system as it was a local file system from the local folder /RemoteDiskSSH
sudo sshfs email@example.com:/Remote/Directory/to/mount /RemoteDiskSSH
Want to be able to use the local rights system on that folder? (just if you dont want to go on but want to be able to mount a remote filesystem and have the
sudo ls /RemoteDiskSSH
local rights translated to it.)
now the local rights system will work for this mount
sudo sshfs -o allow_other,default_permissions firstname.lastname@example.org:/Remote/Directory/to/mount /RemoteDiskSSH
to unmount it just give the command
As i want the remote directory mount automaticly (with autofs described later on)
sudo fusermount -u /RemoteDiskSSH
i need a passwordless ssh login. This can be done with help of generating public keys.
A public key for the local system is generated with the command:
(hit enter so its saved in your home directory under .ssh/id_rsa
(hit enter for no passphrase)
you have now a .ssh directory with two files
id_rsa and id_rsa.pub
id_rsa is your private key ! protect it well let only YOU have rights on it (default) as if this gets compromised
anyone can gain access to your remote host
id_rsa.pub is the public key it is readable by others and this is what you have to send to the remote host so it can have it in its authorized_keys file
Copy now the public key to the remote machine
scp ~/.ssh/id_rsa.pub email@example.com:~/.
logon with an ssh client to the remote machine the id_rsa.pub file content must be added to the authorized_keys file in the .ssh directory of the homedir of the user you want to connect as.
In this example the remote users home directory
A alternative simpeler way to get your public key in the authorized_keys file of your remote host is with ssh-copy-id
cat ~/id_*.pub >> ~/.ssh/authorized_keys
from your local machine type
this does the whole process of copying your public key to the remote machnes users homedir in .ssh in authorized_keys
ssh-copy-id -i ~/.ssh/id_rsa.pub firstname.lastname@example.org
and sets the rights oke
As later on the mount is done by the local root user you need the public key of root too.
so give command
to open a command terminal as user root and repeat the above procedure.
after this the file authorized_keys at the remote station has both the public key of the local user and the local root so it works in test and in production later when root does the mounwork....
Set the right rights for the file authorized_keys or the ssh deamon ( in my case dropbear) might not want to process the authorize_keys file
logout from the remote machine and test.
chmod 0600 ~/.ssh/authorized_keys
You should now be able to login without giving a password.
If it does not work debug with ssh -v option .
(same for the sudo gnome-terminal )
If it works you can see if the mount works passwordless too
So ! thats done!!! you can now mount the remote filesystem without using a password.
sudo sshfs email@example.com:/Directory/to/mount /RemoteDiskSSH
unmount again with:
As i said i want the remote filesystem to be mounted automaticly as soon as i try to access it. This can be done with autofs.
sudo fusermount -u /RemoteDiskSSH
First install autofs by starting the synaptics package manager search for autofs, mark for install and have it installed.
theres now a auto.master configuration file in /etc
add the line
uid and gid are the local user and group id you want the mount to belong to.
RemoteDiskSSH /etc/auto.ssh uid=1000 gid=1000 -v --ghost --timeout=3600
--ghost is the directory will be ghost mounted so you see it with an ls but the actual mount is done when you access it
--timeout gives the maximum inactivity time for the mount. After that it is auto dismounted again.
One more config file is needed and that is /etc/auto,ssh
create the file and put in the following line:
You can now test the autofs mounting by starting and stopping the automount service
RemoteDiskSSH -fstype=fuse,port=22,rw,nodev,nonempty,noatime,allow_other,max_read=65536 :sshfs\#firstname.lastname@example.org\:/Directory/to/mount
in /var/log/syslog are the loggings
sudo /etc/init.d/autofs restart
start a separate command terminal and give this command to follow it all.
check if it worked
tail -f /var/log/syslog
if all is oke you see the content of the remote file system.
The same you can actually do for a windows or samba share
The question is if you want this as in Ubuntu 7.10 gutsy if you goto menu Places and then browse network locations, you can easily get to the windows shares in your network. (I prefer doing the above)
Nevertheless ill describe here how it can be done using smbfs and autofs.
first you have to install smbfs
Start the synaptics package manager, search for smbfs, mark and install it.
the line for the /etc/auto.master file is
Create the file /etc/auto.samba
/ /etc/auto.Samba --ghost -v --timeout=300
and fil it with the following line:
Then create the credentials file in /etc/samba.credentials
RemoteDiskSamba -fstype=smbfs,workgroup=WORKGROUPNAME,credentials=/etc/samba.credentials,uid=remoteuser,gid=users ://remote.server.address/ShareName
fill this file with the following lines:
take care only root can see this file
username = remoteusername
password = remotepassword
If this is done just restart the autofs
sudo chmod 600 /etc/samba.credentials
(tail -f /var/log/syslog in a seperate terminal to see the loggings)
sudo /etc/init.d/autofs restart
and see if it works.