Whats is SSHFS
There are several ways to share a directory across a network. In enterprise settings, you’ll find the Network Filesystem (NFS), Samba, and various distributed filesystems. SSHFS isn’t used in enterprises quite as much, but it can still come in handy. The beauty of it is that all of its network traffic is encrypted by default, unlike with NFS or Samba. And, other than installing the SSHFS client program and creating a local mount-point directory, it doesn’t require any configuration beyond what you’ve already done.
Features of SSHFS
- Based on FUSE (Best userspace filesystem framework for linux)
- Multithreading: more than one request can be on it’s way to the server
- Allowing large reads (max 64k)
- Caching directory contents
Requirement
As stated earlier, you do not require much of a setup to configure SSHFS. Here is the list of requirements.
- 2 Centos or Ubuntu Server
- SSH Key Authentication on the Servers
Step 1: Stop the IPTables and Selinux, and Update the Date Time on the Servers and SSH Authentication on the Servers.
To stop the iptables service and disable autostart on boot:
# service iptables stop # chkconfig iptables off
To disable SELinux, make the parameter “SELINUX=disabled” in the /etc/sysconfig/selinux file.
# vi /etc/sysconfig/selinux ... SELINUX=disabled ###(Change enabled to disabled)
Generate the ssh keys and configure passwordless ssh
On Server 1:
# ssh-keygen -t rsa (Enter 3 Times) # ssh-keygen -t dsa (Enter 3 Times) # cd /root/.ssh # cat id_rsa.pub >>authorized_keys # cat id_dsa.pub >>authorized_keys
On Server 2:
# ssh-keygen -t rsa (Enter 3 Times) # ssh-keygen -t dsa (Enter 3 Times) # cd /root/.ssh # cat id_rsa.pub >>authorized_keys # cat id_dsa.pub >>authorized_keys
Now Open the authorized_keys file on both servers and Paste Server 1’s Key to Server 2’s authorized_keys File and vice-versa.
Restart the ntp service
Restart the ntp service on both the servers and reboot the servers.
# service ntpd restart # ntpdate pool.ntp.org # chkconfig ntpd on # init 6
Step 2: Install FUSE-SSHFS
For CentOS/RHEL users, Fuse SSHFS is available under epel repository, So make sure you have installed the epel repository in your system. Now execute the following command to install it.
On CentOS/RHEL:
# yum -y install epel-release # yum install -y fuse-sshfs
On Ubuntu & Dabian:
$ sudo apt-get update $ sudo apt-get install sshfs
Step 3: Mount Remote Directory
Lets mount remote server directory using sshfs, make sure remote system has running ssh server with proper ssh connectivity from your system. First create a mount point:
# mkdir /mntssh
Let’s mount the remote directory. For this example, we are mounting /home/remoteuser directory from x.x.x.x (remote.example.com) system to our local system.
# sshfs remoteuser@remote.example.com:/home/remoteuser /mntssh
Sample output:
The authenticity of host 'remote.example.com (x.x.x.x)' can't be established. RSA key fingerprint is 77:85:9e:ff:de:2a:ef:49:68:09:9b:dc:f0:f3:09:07. Are you sure you want to continue connecting (yes/no)? yes remoteuser@remote.example.com's password: yes
Step 4: Verify Mount
After mounting remote filesystem on local mount point, verify it by running mount command.
# mount /dev/mapper/vg_svr1-lv_root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) remoteuser@remote.example.com:/home/remoteuser on /mntssh type fuse.sshfs (rw,nosuid,nodev)
Also naviate to your mount point, you will see files there from remote system
# cd /mntssh # ls
Step 5: Mount Directory on System Boot
If you want to mount remote filesystem automatically each time when your system reboots, Add following entry to /etc/fstab file. Make sure you have have key based ssh setup between remote and local system.
# vi /etc/fstab remoteuser@remote.example.com:/home/remoteuser /mntssh fuse.sshfs defaults 0 0
Step 6: Unmount Directory
If your work is over and you don’t need the mount point anymore, simply unmount it using the following command.
# umount /mntssh