Secure Shell File System or SSHFS is one of the simplest and most secure ways to share entire directories across different systems.SSHFS ensures security by leveraging the established encryption and authentication mechanisms of SSH, safeguarding data during transit, and ensuring secure remote file access.
File sharing is possible with SFTP or SCP however, they are mostly suited for small amounts of files and may become rather tedious when interactive file work is needed. While achieving this is possible by setting up an SMB or NFS mount, both of these methods have extra requirements on the host's end and may bring about worries about security or added complexity.
Installing SSHFS and mounting a remote filesystem
SSHFS is available for most Linux distributions. In our case, we will be using Ubuntu as an example.
sudo apt update
sudo apt install sshfs
We now have all the required packages and can proceed with mounting a filesystem. We will need an empty directory to use as a mounting point. Most Linux distros have /mnt which you can use or you can create your own. We will create a directory for this example.
sudo mkdir sshfs
Now you can mount the remote directory using the following command:
sudo sshfs -o allow_other,default_permissions "user"@"client_IP":/mnt /sshfs
The path after the: is where on the client's system we want to mount the directory the second is the path to the directory we want to export. As you can see the syntaxis is the same as SSH.
Commonly Used Flags for SSHFS
|Specifies the identity file (private key) for authentication.
|Disables host key checking, useful for automation but less secure.
|Automatically reconnects if the connection is lost.
|Enables caching for improved performance.
|Enables data compression for faster transfers.
|Allows other users to access the mounted directory.
|Applies local file permissions to remote files.
|Sends keep-alive messages to the server every 30 seconds.
You can test if everything works by creating a file in the shared directory and checking if it appears on the other system.
Host$: touch /sshfs/file
The output of ls on client's side:
Client$: ls /mnt
Permanently mounting the filesystem
You are able to permanently add a filesystem by modifying the /etc/fstab file of the host.
Use your preferred text editor:
sudo nano /etc/fstab
And add the following:
"user"@"client_IP":/mnt /sshfs fuse.sshfs defaults,_netdev,user,idmap=user 0 0
defaults,_netdev,user,idmap=user specify default options, consider it as a starting point. You can adjust these options based on your needs. The
0 0 at the end indicates the dump and pass options, which can usually be set to
0 for SSHFS mounts.