|
|
Re: [sshfs] Secure Mount: msg#00017file-systems.fuse.sshfs
> > Thank you for sshfs. It's so easy and secure, it is a dream come true. I > think very few people know that this is an option, and a wonderful one at > that. > > First of all, sshfs mounts fine when I use my regular user: > # sshfs quantum@hexavalent:/ /media/hexavalent > ... although it asks for my user password. > > But I am trying to use sshfs as I did when mounting NFS via SSH. To set that > up, I used the instructions here: > http://www.howtoforge.com/nfs_ssh_tunneling > > The command I used to mount NFS was to first port-forward with: > # /usr/bin/ssh -f -i /home/sleeper/.ssh/id_rsa -2 -4 -c aes256-ctr,aes128-ctr > -L 111:localhost:111 -l sleeper hexavalent sleep 365d > ... and then mount. > > > My -goal- is to mount using sshfs, without the need for a password, by using > the server public key for a very non-privileged user. I attempted this: > # sshfs quantum@hexavalent:/ /media/hexavalent -o SSHOPT="-f -i > /home/sleeper/.ssh/id_rsa -c aes256-ctr,aes128-ctr -l sleeper" > ... but it says that SSHOPT= is not a valid FUSE option. OK, no it's not, > but it is unclear where SSH lets off and FUSE picks up? > > I also tried: > # sshfs sleeper@hexavalent:/ /media/hexavalent > ... but it asks me for a password. And the root password mounts the device! > > So I tried: > # su sleeper > sleeper@covalent:/etc/init.d$ sshfs hexavalent:/ /media/hexavalent > fuse: failed to exec fusermount: Permission denied > sleeper@covalent:/etc/init.d$ > ... but I am reluctant to make fusermount SetUID. > > What am I doing wrong? > > Also, is there any way to set the highest encryption, vis aes256-ctr? Maybe the help is a bit confusing. The usage is sshfs sleeper@hexavalent:/ -oIdentityFile=/home/sleeper/.ssh/id_rsa,Ciphers=aes256-ctr You cannot actually give more than one cipher, since the comma is taken as an option separator. This is a shortcoming of the fuse option parsing interface, which should have some way to escape commas. Thanks, Miklos ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | [sshfs] Error "Connection Reset By Peer" on pam_mount+sshfs (Fedora Core 6): 00017, Manuel Moran Vaquero |
|---|---|
| Next by Date: | Re: [sshfs] sshfs: pwd writes to standard err not to standard out - error when starting acroread: 00017, Miklos Szeredi |
| Previous by Thread: | [sshfs] Secure Mounti: 00017, Quantum Scientific |
| Next by Thread: | [sshfs] sshfs: pwd writes to standard err not to standard out - error when starting acroread: 00017, Bernd Kappler |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |