CentOS 6.x / Debian / Ubuntu: NFS or SMB/CIFS alternative sshfs
Situation: For whatsoever reason neither NFS nor SMB/CIFS are a runner on the environment. However I need to get permanent access to a shared filesystem.
Solution: sshfs http://en.wikipedia.org/wiki/SSHFS It is more than likely that ssh is running and any kind of authentication is setup. Sshfs is an userspace filesystem (fuse) mounting a remote directory over ssh using sftp. In fuse every user could mount his own filesystem through sshfs without the need of being root. In the below example I do it as root and share it with other users but it could be any other user.
Note: This is a quick and dirty proof of concept. For further security needs please use this as a starting point and apply your own security needs (ssh keys, user auth, limited access, etc)
With the below how-to I was able to make it fly under CentOS 6.x, Debian 7 and Ubuntu 13.04. However, it didn’t work under Linux Mint 15 (some general network errors that the network is not available at the boot process when placing it into the fstab, else it worked fine) and under any OpenVZ and LXC guest. It works fine under KVM and vmware guests.
Installation
Debian/Ubuntu: the packages are part of the default repo’s so all you need to do is
# apt-get install sshfs Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: fuse libffi5 libfuse2 libglib2.0-0 libglib2.0-data libusb-1.0-0 pciutils shared-mime-info udev usbutils The following NEW packages will be installed: fuse libffi5 libfuse2 libglib2.0-0 libglib2.0-data libusb-1.0-0 pciutils shared-mime-info sshfs udev usbutils 0 upgraded, 11 newly installed, 0 to remove and 0 not upgraded. Need to get 5264 kB of archives. After this operation, 19.6 MB of additional disk space will be used. Do you want to continue [Y/n]?
CentOS:
In CentOS (same for RedHat) you will need to get the required packages from epel.
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm # yum install sshfs Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.vooservers.com * epel: vesta.informatik.rwth-aachen.de * extras: mirrors.vooservers.com * updates: mirrors.ukfast.co.uk Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package fuse-sshfs.x86_64 0:2.4-1.el6 will be installed --> Processing Dependency: fuse >= 2.2 for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.7)(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.6)(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.5)(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.4)(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2(FUSE_2.2)(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Processing Dependency: libfuse.so.2()(64bit) for package: fuse-sshfs-2.4-1.el6.x86_64 --> Running transaction check ---> Package fuse.x86_64 0:2.8.3-4.el6 will be installed --> Processing Dependency: kernel >= 2.6.14 for package: fuse-2.8.3-4.el6.x86_64 ---> Package fuse-libs.x86_64 0:2.8.3-4.el6 will be installed --> Running transaction check ---> Package kernel.x86_64 0:2.6.32-358.18.1.el6 will be installed --> Processing Dependency: kernel-firmware >= 2.6.32-358.18.1.el6 for package: kernel-2.6.32-358.18.1.el6.x86_64 --> Processing Dependency: grubby >= 7.0.4-1 for package: kernel-2.6.32-358.18.1.el6.x86_64 --> Processing Dependency: dracut-kernel >= 002-18.git413bcf78 for package: kernel-2.6.32-358.18.1.el6.x86_64 --> Processing Dependency: /sbin/new-kernel-pkg for package: kernel-2.6.32-358.18.1.el6.x86_64 --> Processing Dependency: /sbin/new-kernel-pkg for package: kernel-2.6.32-358.18.1.el6.x86_64 --> Running transaction check ---> Package dracut-kernel.noarch 0:004-303.el6 will be installed --> Processing Dependency: dracut = 004-303.el6 for package: dracut-kernel-004-303.el6.noarch ---> Package grubby.x86_64 0:7.0.15-3.el6 will be installed ---> Package kernel-firmware.noarch 0:2.6.32-358.18.1.el6 will be installed --> Running transaction check ---> Package dracut.noarch 0:004-303.el6 will be installed --> Processing Dependency: plymouth >= 0.8.0-0.2009.29.09.19.1 for package: dracut-004-303.el6.noarch --> Processing Dependency: plymouth-scripts for package: dracut-004-303.el6.noarch --> Processing Dependency: kbd for package: dracut-004-303.el6.noarch --> Processing Dependency: file for package: dracut-004-303.el6.noarch --> Processing Dependency: dash for package: dracut-004-303.el6.noarch --> Running transaction check ---> Package dash.x86_64 0:0.5.5.1-4.el6 will be installed ---> Package file.x86_64 0:5.04-15.el6 will be installed ---> Package kbd.x86_64 0:1.15-11.el6 will be installed --> Processing Dependency: kbd-misc = 1.15-11.el6 for package: kbd-1.15-11.el6.x86_64 ---> Package plymouth.x86_64 0:0.8.3-27.el6.centos will be installed --> Processing Dependency: plymouth-core-libs = 0.8.3-27.el6.centos for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libply.so.2()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libply-splash-core.so.2()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libdrm_radeon.so.1()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libdrm_nouveau.so.1()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libdrm_intel.so.1()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 --> Processing Dependency: libdrm.so.2()(64bit) for package: plymouth-0.8.3-27.el6.centos.x86_64 ---> Package plymouth-scripts.x86_64 0:0.8.3-27.el6.centos will be installed --> Running transaction check ---> Package kbd-misc.noarch 0:1.15-11.el6 will be installed ---> Package libdrm.x86_64 0:2.4.39-1.el6 will be installed --> Processing Dependency: libpciaccess.so.0()(64bit) for package: libdrm-2.4.39-1.el6.x86_64 ---> Package plymouth-core-libs.x86_64 0:0.8.3-27.el6.centos will be installed --> Running transaction check ---> Package libpciaccess.x86_64 0:0.13.1-2.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================================== Installing: fuse-sshfs x86_64 2.4-1.el6 epel 52 k Installing for dependencies: dash x86_64 0.5.5.1-4.el6 base 74 k dracut noarch 004-303.el6 base 114 k dracut-kernel noarch 004-303.el6 base 22 k file x86_64 5.04-15.el6 base 46 k fuse x86_64 2.8.3-4.el6 base 71 k fuse-libs x86_64 2.8.3-4.el6 base 74 k grubby x86_64 7.0.15-3.el6 base 42 k kbd x86_64 1.15-11.el6 base 264 k kbd-misc noarch 1.15-11.el6 base 923 k kernel x86_64 2.6.32-358.18.1.el6 updates 26 M kernel-firmware noarch 2.6.32-358.18.1.el6 updates 11 M libdrm x86_64 2.4.39-1.el6 base 117 k libpciaccess x86_64 0.13.1-2.el6 base 24 k plymouth x86_64 0.8.3-27.el6.centos base 89 k plymouth-core-libs x86_64 0.8.3-27.el6.centos base 88 k plymouth-scripts x86_64 0.8.3-27.el6.centos base 31 k Transaction Summary ============================================================================================================================================================================== Install 17 Package(s) Total download size: 39 M Installed size: 138 M Is this ok [y/N]:
Setup:
The shared target server needs an ssh server running and is in my case 192.168.1.99:/scratch
You will need an ssh user to login and have all needed permissions.
On all systems:
Unless its root please add the intended user for the mount to the fuse group. Its of course not needed for root
sudo gpasswd -a $USER fuse
For manual mount:
sshfs username@hostname:/directory /yetanotherlocaldirectory example sshfs [email protected]:/scratch /mnt
giving your password. You can now setup as well ssh keys or give an auth file, etc.
To unmount:
fusermount -u /scratch
Permanent mount in the /etc/fstab
vi /etc/fstab
insert:
example
sshfs#my-remote-user@my-remote-host:/home/my-remote-user /my-local-filesystem/remotefs fuse defaults 0 0
sshfs#[email protected]:/scratch /scratch fuse defaults,idmap=user,allow_other,compression=yes 0 0
for the available mount options please refer to http://en.digipedia.org/man/doc/view/sshfs.1/Since I mount it as root I use allow_other to allow the mountpoint to be used by other users on the system, idmap=user to avoid issues around my different uids on the servers (jaja, I was too lazy to setup ldap to the testbox), and compression cause I always drive it to the limit and squeeze the max out of the connection.
