Reputation: 79
I have built two VMs inside Proxmox, let's call them A and B, and both of them are running Ubuntu 20.04.
For A, it has a 2 TB SSD passed to it which it mounts on boot. I would like system B to mount a folder in A (located at /mnt/SSD/folderB) automatically when B boots. To do so, I have added a user, remoteB, on system A without granting shell access, and I jailed its SFTP access within folderB. On doing so, I could SFTP to system A using the user "remoteB" on any other systems.
By installing SSHFS on system B, I was able to mount the drive on system B with the configurations above (I followed this tutorial: https://linuxize.com/post/how-to-use-sshfs-to-mount-remote-directories-over-ssh/).
Then, I wanted to auto-mount folderB on system B as it boots. From the tutorial, I need to set up "SSH key-based authentication" between system A and system B. It seems I need to grant shell access to a user in order for the above to work. Did I misunderstand something?
Is it possible to do so without granting remoteB shell access on system A?
Upvotes: 1
Views: 2434
Reputation: 4667
Key-based authentication means that you use public/private key files instead of passwords so that SSH can authenticate the user without waiting for you to enter a password during boot. If you haven't done it yet, start with man ssh-keygen. Copy the public key to A in /home/user/.ssh/authorized_keys and the private key to B.
You need a valid user on A in any case (whether authenticating with password or public key).
If you are only using SSH for tunnels and file transfers, you don't need to give this user shell access. You can achieve this simply by configuring /bin/nologin as the user's shell in /etc/passwd (e.g. usermod -s /bin/nologin user). Note that without a shell, you will also need ForceCommand internal-sftp in A's sshd_config. See here for more info.
To specify the private key on B, you can use the IdentityFile ssh option, either in mount options or in .ssh/config. Note that the mounting during boot is done by root.
Alternatively, you can also use autofs, which will automount your remote filesystem when it's accessed and not during boot. Keep in mind that mounting network shares during boot is problematic because (a) the network might be down or (b) the networking stack might not be started yet. This could cause your system to fail to boot. See here for more info on autofs.
Upvotes: 2
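A check for the lock-down described in the answer above, as an added example that is not part of the original thread: it confirms that an account has a no-login shell and a Match block forcing internal-sftp inside a chroot. The function names, the remoteC account and the sample file contents are constructed for illustration.

```shell
# Added example, not from the thread: verify that an account is SFTP-only.
# Paths are parameters so the check can run on copies of the real files.
# Limitation: wildcard/negated Match patterns and %-token chroot paths are not evaluated.
sftp_only_check() {   # usage: sftp_only_check USER PASSWD_FILE SSHD_CONFIG
    user=$1; passwd=$2; sshd=$3; rc=0
    # The login shell is the 7th colon-separated field of the passwd entry.
    shell=$(awk -F: -v u="$user" '$1 == u { print $7 }' "$passwd")
    case $shell in
        */nologin|*/false) echo "ok:   shell is $shell" ;;
        '') echo "FAIL: no shell found for $user (missing entry or empty field)"; rc=1 ;;
        *)  echo "FAIL: login shell is $shell"; rc=1 ;;
    esac
    # Collect "keyword first-argument" pairs from Match blocks naming USER.
    # A Match block runs until the next Match line or the end of the file.
    block=$(awk -v u="$user" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" {
            hit = 0
            for (i = 2; i < NF; i++)
                if (tolower($i) == "user") {
                    n = split($(i + 1), names, ",")
                    for (j = 1; j <= n; j++) if (names[j] == u) hit = 1
                }
            next
        }
        hit && NF { print tolower($1), $2 }' "$sshd")
    for want in 'forcecommand internal-sftp' 'chrootdirectory /'; do
        if printf '%s\n' "$block" | grep -q "^$want"; then
            echo "ok:   found $want"
        else
            echo "FAIL: missing $want for $user"; rc=1
        fi
    done
    return $rc
}

# Constructed sample files: remoteB is locked down, remoteC is not.
write_samples() {   # usage: write_samples DIR
    printf '%s\n' 'remoteB:x:1001:1001::/home/remoteB:/usr/sbin/nologin' \
        'remoteC:x:1002:1002::/home/remoteC:/bin/bash' > "$1/passwd"
    printf '%s\n' 'Subsystem sftp internal-sftp' 'Match User remoteB' \
        '    ChrootDirectory /mnt/SSD/folderB' \
        '    ForceCommand internal-sftp' > "$1/sshd_config"
}

d=$(mktemp -d) && write_samples "$d"
sftp_only_check remoteB "$d/passwd" "$d/sshd_config"
sftp_only_check remoteC "$d/passwd" "$d/sshd_config" || echo "remoteC is not SFTP-only"
rm -rf "$d"
```

On a real host, point it at /etc/passwd and /etc/ssh/sshd_config on system A; sshd -T -C user=remoteB prints the configuration sshd itself resolves for that user and is the authoritative cross-check.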