Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
mount sshfs on boot
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
nomadicME
n00b
n00b


Joined: 24 Mar 2012
Posts: 46

PostPosted: Wed Jun 27, 2012 11:19 pm    Post subject: mount sshfs on boot Reply with quote

/etc/init.d/net.wlan0 and /etc/init.d/net.eth0 are both set to run in the boot runlevel.

I have three lines in /etc/fstab similiar to this:

sshfs#username@host:/home/username /home/username/sshfs/home fuse defaults,idmap=user,allow_other,reconnect,uid=1000,gid=100 0 0

during boot I see these three lines:

read: Connection reset by peer
read: Connection reset by peer
read: Connection reset by peer

After logging in, I check and sure enough the sshfs mounts did not mount. If I then run sudo mount -a, then the filesystems are mounted as expected.

I've read the init docs http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?full=1#book_part2_chap4 in which it is states:

This process then makes sure that all filesystems (defined in /etc/fstab) are mounted and ready to be used. Then it executes several scripts located in /etc/init.d, which will start the services you need in order to have a successfully booted system.

The way I interpret this is that all file systems in /etc/fstab are mounted then the init scripts are run.

If this is the case it would sound like it is impossible to mount an sshfs from fstab. Is this the case? If not, what changes do I need to make to mount these filesystems on boot? Thanks.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Thu Jun 28, 2012 1:06 am    Post subject: Reply with quote

nomadicME ...

At boot there is no means of authenticating, this is why you recieve "connection reset by peer". So, you need to provide some method of authenticating (ie: a key):

Code:
sshfs#username@host:/home/username /home/username/sshfs/home fuse defaults,IdentityFile=/path/to/privatekey,idmap=user,allow_other,reconnect,uid=1000,gid=100 0 0

This "privatekey" needs to be passwordless (as there is no interactive method of providing the passphrase at boot), and the public key should be appended/added to host:/home/username/.ssh/authorized_keys. I'd suggest you create a seperate private key just for the this purpose.

Its been sometime since I did this so I'm mostly working from memory ... but this seems to be your problem. I suspect that the 'mount -a' works once your logged in as the key is then available.

HTH & best ...

khay
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920

PostPosted: Thu Jun 28, 2012 1:20 am    Post subject: Reply with quote

You can make it noauto and run "su username -c 'mount /home/username/sshfs/home';" from an /etc/local.d script. You'll need a corresponding stop script because openrc gets confused by fuse on shutdown too.
Back to top
View user's profile Send private message
nomadicME
n00b
n00b


Joined: 24 Mar 2012
Posts: 46

PostPosted: Thu Jun 28, 2012 1:39 am    Post subject: Reply with quote

khayyam wrote:
nomadicME ...

At boot there is no means of authenticating, this is why you recieve "connection reset by peer". So, you need to provide some method of authenticating (ie: a key):

Code:
sshfs#username@host:/home/username /home/username/sshfs/home fuse defaults,IdentityFile=/path/to/privatekey,idmap=user,allow_other,reconnect,uid=1000,gid=100 0 0

This "privatekey" needs to be passwordless (as there is no interactive method of providing the passphrase at boot), and the public key should be appended/added to host:/home/username/.ssh/authorized_keys. I'd suggest you create a seperate private key just for the this purpose.

Its been sometime since I did this so I'm mostly working from memory ... but this seems to be your problem. I suspect that the 'mount -a' works once your logged in as the key is then available.

HTH & best ...

khay
,

Right you are khayyam. Damn, for the longest time I thought this was an init script timing issue. Now that I think about it, this worked as previously configured for a short time last year. I seem to recall some security issues with ssh around the same time.

It pays to ask. Thank you.
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 848
Location: Villach, Austria

PostPosted: Thu Jun 28, 2012 7:24 am    Post subject: Reply with quote

khayyam wrote:
nomadicME ...

At boot there is no means of authenticating, this is why you recieve "connection reset by peer". So, you need to provide some method of authenticating (ie: a key):

Code:
sshfs#username@host:/home/username /home/username/sshfs/home fuse defaults,IdentityFile=/path/to/privatekey,idmap=user,allow_other,reconnect,uid=1000,gid=100 0 0

This "privatekey" needs to be passwordless (as there is no interactive method of providing the passphrase at boot), and the public key should be appended/added to host:/home/username/.ssh/authorized_keys. I'd suggest you create a seperate private key just for the this purpose.

Its been sometime since I did this so I'm mostly working from memory ... but this seems to be your problem. I suspect that the 'mount -a' works once your logged in as the key is then available.

HTH & best ...

khay
Shouldn't mount automatically check the private key in ~/.ssh/id_rsa (o similar) when the public key is supplied in the authorized keys file?
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Thu Jun 28, 2012 11:06 am    Post subject: Reply with quote

devilheart wrote:
Shouldn't mount automatically check the private key in ~/.ssh/id_rsa (o similar) when the public key is supplied in the authorized keys file?

devilheart ... yes, if mount is run by a user, but at boot who's $HOME is to be checked? In my experience (and as I said, its some time ago I did this so I'm completely going by memory) you need to supply the path to the private key.

best ... khay
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 848
Location: Villach, Austria

PostPosted: Thu Jun 28, 2012 11:35 am    Post subject: Reply with quote

khayyam wrote:
devilheart wrote:
Shouldn't mount automatically check the private key in ~/.ssh/id_rsa (o similar) when the public key is supplied in the authorized keys file?

devilheart ... yes, if mount is run by a user, but at boot who's $HOME is to be checked? In my experience (and as I said, its some time ago I did this so I'm completely going by memory) you need to supply the path to the private key.

best ... khay
Isn't an username specified on the mount line? That should be the $HOME to check
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Thu Jun 28, 2012 1:23 pm    Post subject: Reply with quote

devilheart wrote:
Isn't an username specified on the mount line? That should be the $HOME to check

devilheart ... that would be the username on the remote side.

best ... khay
Back to top
View user's profile Send private message
devilheart
l33t
l33t


Joined: 17 Mar 2005
Posts: 848
Location: Villach, Austria

PostPosted: Thu Jun 28, 2012 2:49 pm    Post subject: Reply with quote

Right, I took for granted that the user names were the same on both ends. Could be a good default, though
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Thu Jun 28, 2012 5:16 pm    Post subject: Reply with quote

devilheart wrote:
Right, I took for granted that the user names were the same on both ends. Could be a good default, though

devilheart ... but still, the default is that of the user running the process, and their env, and in the case of the boot process these will be run as root but not from a root shell (so the environment is missing).

best ... khay
Back to top
View user's profile Send private message
twobit
Tux's lil' helper
Tux's lil' helper


Joined: 22 Jul 2011
Posts: 76

PostPosted: Tue Nov 13, 2012 11:34 pm    Post subject: Reply with quote

how would i change the port number in the startup line?
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Wed Nov 14, 2012 7:36 am    Post subject: Reply with quote

twobit wrote:
how would i change the port number in the startup line?

twobit .... (man sshfs) '-p PORT' equivalent to '-o port=PORT'

best ... khay
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum