2

I tried this sshfs without shell access, but I realized I should ask opposite way

I would love to mount remote file system automatically, over encrypted tunnel preferably using private/public keys.

It should not mean any security risk (no ssh login or so), only reading/writing to remote sub-folder (like NFS over openVpn / unlike sshfs)

It should preserve user, groups, permissions

It should be easy to configure (like sshfs / unlike NFS overVpn)

It should be in standard repositories (linux)

It should reconnect if connection drops (or ip change)

Is there such thing or am I asking too much ?

Pavel Niedoba
  • 243

1 Answers1

4

On remote server set up a sftp-only non-root account with these contents of sshd_config:

Match User pavel
ForceCommand internal-sftp
# Don't add more lines below, they will be inside a Match block.

On local system install and configure sshfs. Use -o reconnect,ServerAliveInterval=5,ServerAliveCountMax=3 like I describe in another answer. Optionally install and configure autofs, which will provide automatic mount/umount.

No ssh access: check.

Only reading/writing to remote sub-folder: check.

Preserve user, groups: only in a very limited manner (exactly like sftp command).

Preserve permissions: check (but google sftp umask)

Easy to configure (like sshfs): check.

It should be in standard Linux repositories: check.

It should reconnect if connection drops (or ip changes): check.

If you get it to work, you could also play with adding ChrootDirectory /only/this/path to sshd_config for increased security.

kubanczyk
  • 14,252