From: Quantum S. <In...@qu...> - 2006-12-13 15:49:22
|
Hello, Thank you for sshfs. It's so easy and secure, it is a dream come true. I think very few people know that this is an option, and a wonderful one at that. First of all, sshfs mounts fine when I use my regular user: # sshfs quantum@hexavalent:/ /media/hexavalent ... although it asks for my user password. But I am trying to use sshfs as I did when mounting NFS via SSH. To set that up, I used the instructions here: http://www.howtoforge.com/nfs_ssh_tunneling The command I used to mount NFS was to first port-forward with: # /usr/bin/ssh -f -i /home/sleeper/.ssh/id_rsa -2 -4 -c aes256-ctr,aes128-ctr -L 111:localhost:111 -l sleeper hexavalent sleep 365d ... and then mount. My -goal- is to mount using sshfs, without the need for a password, by using the server public key for a very non-privileged user. I attempted this: # sshfs quantum@hexavalent:/ /media/hexavalent -o SSHOPT="-f -i /home/sleeper/.ssh/id_rsa -c aes256-ctr,aes128-ctr -l sleeper" ... but it says that SSHOPT= is not a valid FUSE option. OK, no it's not, but it is unclear where SSH lets off and FUSE picks up? I also tried: # sshfs sleeper@hexavalent:/ /media/hexavalent ... but it asks me for a password. And the root password mounts the device! So I tried: # su sleeper sleeper@covalent:/etc/init.d$ sshfs hexavalent:/ /media/hexavalent fuse: failed to exec fusermount: Permission denied sleeper@covalent:/etc/init.d$ ... but I am reluctant to make fusermount SetUID. What am I doing wrong? Also, is there any way to set the highest encryption, vis aes256-ctr? Best, Bill Southwell |
From: Miklos S. <mi...@sz...> - 2006-12-14 11:07:50
|
> > Thank you for sshfs. It's so easy and secure, it is a dream come true. I think very few people know that this is an option, and a wonderful one at that. > > First of all, sshfs mounts fine when I use my regular user: > # sshfs quantum@hexavalent:/ /media/hexavalent > ... although it asks for my user password. > > But I am trying to use sshfs as I did when mounting NFS via SSH. To set that up, I used the instructions here: > http://www.howtoforge.com/nfs_ssh_tunneling > > The command I used to mount NFS was to first port-forward with: > # /usr/bin/ssh -f -i /home/sleeper/.ssh/id_rsa -2 -4 -c aes256-ctr,aes128-ctr -L 111:localhost:111 -l sleeper hexavalent sleep 365d > ... and then mount. > > > My -goal- is to mount using sshfs, without the need for a password, by using the server public key for a very non-privileged user. I attempted this: > # sshfs quantum@hexavalent:/ /media/hexavalent -o SSHOPT="-f -i /home/sleeper/.ssh/id_rsa -c aes256-ctr,aes128-ctr -l sleeper" > ... but it says that SSHOPT= is not a valid FUSE option. OK, no it's not, but it is unclear where SSH lets off and FUSE picks up? > > I also tried: > # sshfs sleeper@hexavalent:/ /media/hexavalent > ... but it asks me for a password. And the root password mounts the device! > > So I tried: > # su sleeper > sleeper@covalent:/etc/init.d$ sshfs hexavalent:/ /media/hexavalent > fuse: failed to exec fusermount: Permission denied > sleeper@covalent:/etc/init.d$ > ... but I am reluctant to make fusermount SetUID. > > What am I doing wrong? > > Also, is there any way to set the highest encryption, vis aes256-ctr? Maybe the help is a bit confusing. The usage is sshfs sleeper@hexavalent:/ -oIdentityFile=/home/sleeper/.ssh/id_rsa,Ciphers=aes256-ctr You cannot actually give more than one cipher, since the comma is taken as an option separator. This is a shortcoming of the fuse option parsing interface, which should have some way to escape commas. Thanks, Miklos |