[sshfs] Secure Mount

Hello,

Thank you for sshfs.  It's so easy and secure, it is a dream come true.  I 
think very few people know that this is an option, and a wonderful one at that.

First of all, sshfs mounts fine when I use my regular user:
# sshfs quantum@hexavalent:/ /media/hexavalent
... although it asks for my user password.

But I am trying to use sshfs as I did when mounting NFS via SSH.  To set that 
up, I used the instructions here:
http://www.howtoforge.com/nfs_ssh_tunneling

The command I used to mount NFS was to first port-forward with:
# /usr/bin/ssh -f -i /home/sleeper/.ssh/id_rsa -2 -4 -c aes256-ctr,aes128-ctr 
-L 111:localhost:111 -l sleeper hexavalent sleep 365d
... and then mount.


My -goal- is to mount using sshfs, without the need for a password, by using 
the server public key for a very non-privileged user.  I attempted this:
# sshfs quantum@hexavalent:/ /media/hexavalent -o SSHOPT="-f -i 
/home/sleeper/.ssh/id_rsa -c aes256-ctr,aes128-ctr -l sleeper"
... but it says that SSHOPT= is not a valid FUSE option.  OK, no it's not, but 
it is unclear where SSH lets off and FUSE picks up?

I also tried:
# sshfs sleeper@hexavalent:/ /media/hexavalent
... but it asks me for a password.  And the root password mounts the device!

So I tried:
# su sleeper
sleeper@covalent:/etc/init.d$ sshfs hexavalent:/ /media/hexavalent
fuse: failed to exec fusermount: Permission denied
sleeper@covalent:/etc/init.d$ 
... but I am reluctant to make fusermount SetUID.

What am I doing wrong?

Also, is there any way to set the highest encryption, vis aes256-ctr?

Best,

Bill Southwell









-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV