Automounting sshfs
For some time now, many of us around MIT have noticed just how awesome
sshfs is. It gives a totally lightweight way to access the
remote filesystem of any machine you have ssh to, without requiring
any extra setup on the host. I’ve been running for at least a year
now with my /data RAID on my server sshfs-mounted on my laptop, and
it works totally great.
Recently, I came across two awesome things that make sshfs even
neater. The first is the ServerAliveInterval ssh configuration
option. I (and many others) had noticed that if you changed IP
addresses (which happens all the time with our laptops), sshfs will
just kinda hang there, and so will anything that tries to access
anything in the ssfs-mounted filesystem. sshfs has a -o reconnect
option that makes it automatically reconnect the underlying ssh if it
dies, but it doesn’t solve the problem of the ssh hanging forever. The
solution, it turns out, is the ServerAliveInterval config
option. Just add
Host *
ServerAliveInterval 15
to .ssh/config, and ssh will send in-protocol keepalives every 15
seconds if the connection is idle, and die if it doesn’t receive
anything back. Combine this with -o reconnect, and everything Just
Works when you change IPs
The second cool thing is afuse, the FUSE automounter. It lets you set up an automounter for just about anything you can think of, using another FUSE filesystem itself. I simply run it as
afuse -o mount_template='sshfs -o reconnect %r:/ %m' -o unmount_template='fusermount -u -z %m' /ssh
from my .xsession, and I have a /ssh automounter! Combined with
the wonders of kerberos and public keys, so I never have to type a
password, and I can get easy remote access to just about every machine
I care about!
(Note that I did have to chown /ssh to me in order for me to be able
to run afuse as me, which is necessary for sshfs to access my
kerberos tickets and ssh keys. This is fine for my laptop, but
obviously wouldn’t work for a dialup or other multi-user machine.)
I’ve loved using automounted sshfs for a while, but I also include this in my setup:<br/><br/> ControlMaster auto<br/> ControlPath /tmp/%r@%h:%p<br/><br/>The great thing about these two lines is that it will now re-use the existing ssh connection when I want to run commands on the sshfs mounted host.<br/><br/>That is convenient, but I take that a step further and intercept some kinds (like make or find) with a wrapper script that will check to see if I’m in an sshfs mounted directory and execute the command on the remote host instead of on my local machine (something similar to what tramp mode does in emacs for executing commands remotely).
Has anyone found a way to automount user homes using sshfs and kerberos? The problem is that sshd accesses the userhome before the kerberos tickets are alive
You forgot to mention how horribly inefficient afuse is compared to mounting directly with sshfs. Even searching through directories is not practical on my gigabit lan.
Thanks for the nice hint to afuse, really great!
@afuseisslow: how can afuse be slower than sshfs if it uses sshfs itself?
OK, the author of afuse writes:
One of the most important things to note about afuse’s operation is that automounted filesystems accessed through afuse are actually accessed by proxy. Actual mounts are created in an instance specific directory in /tmp. ALL accesses to automounted filesystems apparently managed by afuse go through afuse and are proxied onto the real filesystem mounts as appropriate.
While this shouldn’t cause any operational problems, it does mean that operations on afuse automunted filesystems have considerable overhead.
So it may be better to stay with autofs…