IT Tutorial

Mount Remote Directories Securely and Easily

If you can access it via SSH, you can mount it on your filesystem, giving you secure access to your favorite stuff.
Samba has transformed how Penguinistas interact on networks with Windows machines and even other Linux boxes. In particular, I often use smbfs (short for "Samba filesystem") to mount a Samba share on my box for easy access. For example, I have two computers on my network: a server named sophocles and a laptop named euripides. A huge collection of music can be found on sophocles at /var/music, but I want easy access to those goodies from euripides. Using Samba on sophocles, I share /var/music, and using smbfs on euripides, I mount /var/music on my server sophocles to /home/scott/tunes on my laptop euripides. By doing so, it appears to me while I'm using euripides as though tunes is just another local folder on my laptop, so I can read files from it, save to it, and do anything else I could if that folder were in fact on my machine.
This is great, except that there are some issues. First, setting up Samba can be a royal pain, so any time I can use something simpler, I jump at the chance. Second, Samba shares aren't secure by default. Call me paranoid, but I don't like anything flowing over a network that isn't encrypted. Yes, it's possible to tunnel Samba using SSH, but that just adds more time and trouble on top of the royal pain that Samba sometimes causes. Finally, Samba was designed for LANs, not the wild and woolly Internet, so accessing shares remotely is out of the question (yes, there are ways to do it, but it's just not a good idea on today's Net...and it causes yet more complication!).
But I'm here to tell you that there's a better way: sshfs, the SSH filesystem. Instead of Samba, it uses SSH. All the problems I listed previously are obviated when you switch to SSH. SSH is a breeze to set up and use. All SSH traffic is encrypted, hence the name Secure SHell. And SSH was designed for use on LANs as well as the big, bad Internet, so it's a great choice no matter where you are.
To go back to my original example, I can SSH from euripides to sophocles (and vice versa, for that matter), so I now use sshfs to mount /var/music on sophocles to /home/scott/tunes on euripides. It's easy, it's encrypted, and if this is a connection I'm going to need all the time, I can set things up in /etc/fstab to automate the whole process. Ready to try it out?
Before doing anything else, make sure that you can SSH from the client to the server:
$ ssh scott@sophocles
Linux sophocles 2.6.15-18-386 #1 PREEMPT Thu Mar 9 14:41:49 UTC 2006 i686 GNU/Linux

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
Last login: Sun Mar 12 13:59:45 2006
$ exit


If you can't SSH in, you need to set that up:
• On an Ubuntu server, use sudo apt-get install ssh.
• On Windows, install Cygwin, available from http://www.cygwin.com, and install OpenSSH as a service.
• On the Mac, enable Remote Login in System Preferences → Sharing → Services.
If you can successfully SSH in to the server, you're finished with that machine (see how much simpler this is than it would be if you were using Samba?).
Now you need to focus on the local computer. Make sure you've enabled the universe archive in your /etc/apt/sources.list file.

Once you've done so, install sshfs:

$ sudo apt-get install sshfs


You'll be told that apt has to install some additional packages along with sshfs (fuse-utils and libfuse2), so go ahead and approve apt's request.
When apt finishes installing your new software, it's time to fix some permissions so that normal users can mount and unmount using sshfs. If you leave out this step, mounting and unmounting will require the use of sudo and knowledge of the root password, which you probably don't want. Better to go ahead and run this command, which grants all users on your system execute permission for the fusermount command, used by sshfs to perform its magic:

$ sudo chmod +x /usr/bin/fusermount


Now you need to make the mount point you plan to use on your local machine. In my case, this would be /home/scott/tunes:

$ mkdir /home/scott/tunes


In order for sshfs to work, you have to load the fuse module. For now, go ahead and run this command:

$ sudo modprobe fuse


I know you don't want to have to run that command every time you want to mount with sshfs, so use the following command to tell Ubuntu to automatically load the fuse module when you boot:

$ sudo sh -c "echo 'fuse' >> /etc/modules"

Be very careful and use >> instead of > (in other words, append instead of overwrite)! If you accidentally use >, you will hose your box and none of your modules will load on boot. For that reason alone, you really should back up /etc/modules first, with sudo cp /etc/modules /etc/modules_bak.

Now for the final step: mount /var/music on sophocles to /home/scott/tunes on euripides. The syntax of the command is as follows:
$ sshfs user@[IP|HOSTNAME of remote machine]:/shared/path /local/mount/point



If your username is the same on the remote and local machines, you can leave it off. DNS will work either on your LAN, if you have an entry for the server in your /etc/hosts file, or over the Net to a machine with a registered address. Otherwise, use the computer's IP address. If you don't specify a path after the colon, sshfs mounts the home directory for the SSH user, which may be all that you want. In my case, my username is the same on both boxes, I have an entry for sophocles in the /etc/hosts file, and I want to mount a specific directory on the computer, so my command looks like this:

$ sshfs sophocles:/var/music /home/scott/tunes

If you get the error "fusermount: failed to open /dev/fuse: Permission denied," add yourself to the fuse group with sudo addgroup username fuse, log out, log back in again, and try the command again.
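The script below is an added example, not part of the original walkthrough. It wraps two of the steps above in checks: the append to /etc/modules (backup first, append only, no duplicate line) and the mount point (exists, belongs to you, is empty). The function names ensure_module_listed and check_mountpoint are made up for this example.

```shell
#!/bin/sh
# Added example: guarded versions of two steps from the walkthrough.
# Function names are hypothetical; paths are passed in as arguments.

# Append MODULE to FILE only if it is not already listed, after backing
# the file up to FILE_bak. Only >> is ever used, so nothing is overwritten.
ensure_module_listed() {
    file=$1
    module=$2
    [ -f "$file" ] || { echo "$file: no such file" >&2; return 2; }
    # -x whole-line match, -F literal string, -q no output
    if grep -qxF -e "$module" "$file"; then
        return 0                       # already present, leave file alone
    fi
    cp -p "$file" "${file}_bak" || return 3
    # If the last line lacks a newline, add one so the new entry does
    # not get glued onto the previous module name.
    if [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi
    printf '%s\n' "$module" >> "$file"
}

# Check that DIR is usable as an sshfs mount point for the current user.
# Returns 1 (missing), 2 (not yours), 3 (not empty) or 0 (fine).
check_mountpoint() {
    dir=$1
    [ -d "$dir" ] || { echo "$dir: not a directory, run mkdir first" >&2; return 1; }
    [ -O "$dir" ] || { echo "$dir: not owned by you" >&2; return 2; }
    # A mount on top of existing files would hide them until unmount.
    [ -z "$(ls -A "$dir")" ] || { echo "$dir: not empty" >&2; return 3; }
    return 0
}
```

Source the file, then run ensure_module_listed /etc/modules fuse as root and check_mountpoint /home/scott/tunes as yourself before calling sshfs.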


Now I can open my favorite music player, point it to /home/scott/tunes, and start enjoying jazz, rock, country, or whatever it is that floats my boat. Remember, it's all secure, so I don't have to worry about anyone sniffing packets and finding out what's moving around on my network.
To unmount, you have a choice. You can use the fusermount command with the -u option (for "unmount"):
$ fusermount -u /home/scott/tunes


Or it might be simpler just to use the good ol' umount command:
$ sudo umount /home/scott/tunes


If I knew that I wanted to make my connection to sophocles whenever I booted, I could add the following to /etc/fstab:
sshfs#sophocles:/var/music /home/scott/tunes fuse defaults 0 0

The first three items are different from the usual fstab entries: the first two are the same remote path and mount point you gave the sshfs command, with sshfs# in front of the remote path so that mount knows which FUSE filesystem to run, and fuse indicates to your computer the kind of filesystem it's going to mount. If you want to change the other entries and you know what you're doing (run man fstab to learn more), go right ahead.
Once you discover sshfs, you're going to use it all the time. There's no reason not to: it works beautifully, and the added benefit of security is icing on the cake. Thank you, sshfs!




