SSHFS - Mount a remote file system via SSH in 15 minutes
3 October, 2010 - 15:31 — Kayin
Prerequisites:
None
SSHFS Mount a remote file system via SSH in 15 minutes! If I want to share files across multiple machines, I really only have a few possibilities: 1. Windows File Sharing (SMB CIFS) This option is really only feasible if you're running a modern windows network (meaning Windows XP or newer with a Win2003 or newer domain controller). Even then, great care must be taken to ensure that your file sharing is secure. The file transferring is also unecrypted over the wire unless you're explicitly using the buggy EFS (Encrypted File System) that windows comes shipped with. Once you do enable EFS you have to jump through a series of hoops to setup certificates with the domain controller. It's essentally an added layer of user permissions on top of an already over taxed user permissions system. It can be done but needs a lot of prep time. The biggest failure with Windows File Sharing is that everything has to be Windows. There is no *nix support without the use of SAMBA - a 3rd party implementation of SMB created by trial and error reverse engineering of the SMB protocol. Enough said. 2. NFS If you're in a *nix environment then you're going to go with NFS as it is the defacto standard. NFS is radically different than SMB but from a user's perspective they're fairly similar. You need a domain controller to handle user reconciliation and it uses RPC as the underlying mechanism. Ironically, to get file transfer encryption over the wire you need to either have a PKI setup or do SSH tunneling. The biggest failure here is that it's a bitch to setup NFS on Windows and get the 2 to communicate. The primary reason for this is authentication. You can do it, but it's not fun. 3. WebDAV WebDAV is file sharing over HTTP. For some sick digusting reason lately people have been using HTTP for literally everything. HTTP was NOT intended to handle large file transfers. It's not a stateful protocol. With that said - why are people so surprised that things like WebDAV perform horribly? Your CDROM is not a cupholder. Don't be surprised that it breaks when you try to have it hold an 80oz cup of Pepsi from the gas station. The same applys to software. 4. FTP, SCP, etc.. These are all great options that work wonderfully. The only part that sucks is that they're not transparent to the end user. I have to manually open up my FTP client, fill in the server information, connect - upload/download, and disconnect before I do my work. Then once I'm done I have to reupload everything. ------------------------------ Solution - Virtual File System ------------------------------ FTP and SCP are both better choices than Windows File Sharing and NFS. They do their job well and are historically more secure. So - really - all we have to do is make them easier to use. Enter: Virtual File Systems. A Virtual File System looks like a file system. You can mount an FTP site AS a drive and have full drag-and-drop capabilities. You can load up files into memory and stream by simply double clicking. Under the hood they're actually just sending commands via FTP. It's a very elegant solution. SSH is the defacto standard for unix server administration. SSH works and it's proven secure over the years. SSHFS is a virtual file system that uses SSH under the hood. The result: - No special server software. - No fancy server setup. - NO DOMAIN CONTROLLER. - Secure by default - Encrypted over the wire by default ------------------ How to setup SSHFS ------------------ LINUX ----- Virtual File Systems have been piloted on Linux so the setup can be found by a google search. In a nutshell you need the sshfs-fuse package. FUSE is "Filesystem in Userspace". It's literally a virtual file system for linux. http://fuse.sourceforge.net/ For ubuntu installation of sshfs and fuse you can follow this tutorial: https://help.ubuntu.com/community/SSHFS I've been using the Ubuntu SSHFS package for the last couple of years without trouble. WINDOWS ------- This is a bit more tricky. Virtual File Systems aren't very popular yet in Windows. However there is a nice japanese fellow who cooked up a library to do this: http://dokan-dev.net/en/ How to install -------------- 1. Install the Doken library: http://dokan-dev.net/en/download/#dokan 2. Install the Microsoft Visual C++ 2005 Redistributable: http://www.microsoft.com/downloads/details.aspx?familyid=200B2FD9-AE1A-4... 3. Install the Doken SSHFS package: http://dokan-dev.net/en/download/#sshfs 4. The Doken SSHFS package doesn't work with the most recent Doken library. To make it work you need to overwrite the DokanSSHFS.exe and the DokanNET.dll with these: http://dokan-dev.net/wp-content/uploads/dokan_sshfs_for_dokan-050.zip Once you've done that then fire it up and you should be able to connect to any SSH server and mount it as a drive in windows. I've tested the Dokan installation on my 64bit Windows 7 machine and it's working without any problems. -K