First, if you ever have set up a shh key for connecting to remote server, you need to be aware that password-less shh key only works when your home directory on the server is not 777 (writable by others).
see this stackexchange post .
Second, I was following https://www.cyberciti.biz/faq/how-to-mount-remote-directory-filesystems-with-sshfs-on-linux/ to set up sshfs on my ubuntu machine. I put down a gist below.
This is the default behavior for SSH. It protects user keys by enforcing rwx------ on $HOME/.ssh and ensuring only the owner has write permissions to $HOME. If a user other than the respective owner has write permission on the $HOME directory, they could maliciously modify the permissions on $HOME/.ssh, potentially hijacking the user keys, known_hosts, or something similar. In summary, the following permissions on $HOME will be sufficient for SSH to work.
- rwx------
- rwxr-x---
- rwxr-xr-x
SSH will not work correctly and will send warnings to the log facilities if any variation of g+w or o+w exists on the $HOME directory. However, the administrator can override this behavior by defining StrictModes no in the sshd_config (or similar) configuration file, though it should be clear that this is not recommended.
- Install sshfs
sudo apt-get install sshfs
## check if fuse group is present
cat /etc/group | grep fuse
## check allow_other cat /etc/fuse.confIf fuse group is not present, which is in my case, I have to add it mannually
# add fuse group
sudo groupadd fuse
# add user to the fuse group
sudo gpasswd -a $USER fuse
- make a folder for mount point
sudo mkdir /mnt/shark
sudo chown mtang1 /mnt/shark
#
sshfs -o allow_other railab: /mnt/shark
ls /mnt/shark
# it requires sudo to write
# unmount
fusermount -u /mnt/shark
No comments:
Post a Comment