It concerns about FUSE1) module, which is able to attach remote directory via SSH service using SFTP protocol. File operations are converted into the SFTP commands and executed on the server side. The communication on the server side is transparent - i.e. attached directories tree and its files is possible to use almost in the same manner as local files.
fusesshfsHere you can continue with SSH service guide, because the setup is the same.
Ostrava ssh.du4.cesnet.cz
Jihlava ssh.du5.cesnet.cz
Ostrava ssh6.du4.cesnet.cz
During the login process is very important to check if fingerprint of server is valid. To verify server please use fingerprints below. All servers in one datacenter have the same RSA, DSA and ECDSA key.
Ostrava data center (du4):
ECDSA, SHA256 (du4) 9YvWE2h459dMcLWcLcD1DsrxTjqqMLD16eiSYXBVX9k ED25519, SHA256 (du4) L0AFWpSsuq+SFl2QBip4aFJEuG3JEnUxczomfEywYvc
Jihlava data center (du5):
ECDSA, SHA256 (du5) YB7YnmuMktwsFxVe5qdzy2bLU9y+0yowEcpZp82P4nk
If the key does not match, stop connecting to the server and contact us at: support@cesnet.cz If the key does not match, stop connecting to the server and contact us at: support@cesnet.cz
Here we create an empty directory (mountpoint).
$ mkdir mnt
Now we will connect remote directory from the data storage into the created mountpoint.
$ sshfs -o idmap=user username@server:/home/username/VO_storage-cache_tape mnt $ ls -l mnt total 12540 -rw-r--r-- 1 username users 10485760 Jun 22 14:16 MB10.dat -rw-r--r-- 1 username users 8388608 May 3 12:51 MB8.dat drwxr-xr-x 2 username users 10 Jun 13 15:34 backup $
After first connection there will be printed RSA fingerprint of server and sshfs will ask you, whether it should continue with the connection (for future connection is the fingerprint stored and the request will not appear anymore. The RSA fingerprint is possible to verify at keys and fingerprints page).
According to the used user authentication can command sshfs require password to your data storage or password to decrypt SSH key (passphrase). By using Kerberos system is necessary before running sshfs obtain the ticket (see options for user authentication)
fuse via command:
gpasswd -a username fuse
sshfs#username@server:/mnt /home/username/VO_storage-cache_tape fuse defaults,idmap=user 0 0
Please do not forget, that for auto-mount is necessary to use SSH key, i.e. public key must be contained in the file /home/username/.ssh/authorized_keys.
$ fusermount -u mnt $ ls -l mnt total 0 $
We can often require to connect our remote data storage automatically without entering a command i.e. transparently. For this case we can use AutoFS tool, which additionally execute reconnect in case of connection breakdown.
autofsMain configuration file of AutoFS is /etc/auto.master. Here we will insert the line:
/storage /etc/auto.sshfs uid=1000,gid=1000,--timeout=30,--ghost
By this way we specify, that if someone access the /storage directory, so there should be executed auto-mount using the /etc/auto.sshfs definition. Timeout specifies a disconnection after specific time of inactivity. UID and GID belong to the user, which can use FUSE.
We will insert following line into /etc/auto.sshfs
server1 -fstype=fuse,rw,nodev,nonempty,noatime,allow_other,max_read=65536 :sshfs\#username@server\:
Wherein server1 introduces subdirectory of directory /storage, i.e. remote data storage will be after connecting mounted into /storage/server1. Do not forget to change username and server address (username@server).
Now we have AutoFS configured to work with SSHFS.
CESNET, z. s. p. o.
Generála Píky 26
16000 Prague 6
Tel: +420 234 680 222
Fax: +420 224 320 269
info@cesnet.cz
Tel: +420 234 680 222
GSM: +420 602 252 531
Fax: +420 224 313 211
support@cesnet.cz