Thursday, March 12, 2009

Mounting a remote SSH file system in Ubuntu... for Windows Admins

If you're somewhat new to Ubuntu or Linux you might be looking for a way to mount something like a file share the way we would a network drive in Windows. You know... mount a Z: drive, and then browse, and modify the contents of that drive as if it were local. Well, because Ubuntu is really friendly - you probably don't have to learn a whole lot to actually start getting useful things accomplished (in Ubuntu, Places>Connect to Server gives you most of what you need). But – did you know you can also securely mount a remote file system via SSH and have it look and feel local? Or perhaps you don't know what SSH is. If this is you – then check out this mini how-to. Nothing in here is particularly difficult... but there's enough here and linked-up to more expansive how-to's as to possibly be eye-opening for you.

What do you get out of following this tutorial?

You get a secure Linux alternative to a Windows network drive mapping that works works well... especially over slow connections (VPN tunnels, modems, etc.), and that you can essentially treat as a local resource. After that, you can do even more useful stuff like use grsync/rsync to replicate differences between directory structures. If this is all new to you, you'll also get some useful exposure to openssh, scp, Putty, and SSHFS.


  1. Install the openssh server and client on the server, and the client on the client. Just use “sudo apt-get install openssh-server openssh-client”.... Like this

  2. Install putty on your client (this isn't strictly necessary - but useful for troubleshooting)...

    1. 'sudo apt-get install putty'.

  3. On your server, consider changing the the default port in SSH from 22 to something else (like 512).

    1. 'sudo editor /etc/ssh/ssh_config"... change the 'port 22' to 'port 512'... then issue a restart of ssh... 'sudo /etc/init.d/ssh restart'.

  4. If you're using a firewall on the server, make sure you open that new port you just created in the previous step.

    1. If you're using"firestarter" in Ubuntu, open Firestarter ( System>Administration>Firestarter). Go to policy, and add an "inbound traffic policy" and let that new port (e.g. 512) in from your network (or perhaps something more restrictive that makes sense).

  5. Putty on your client (from a shell, just type 'putty'). Now determine the IP address of your host server, and point putty at it, on the correct port and connect. It will prompt you for credentials... now you have remote telnet-like access to the remote box. In other words, all we're doing here is proving to ourselves ythat the "server" from earlier steps is actually working correctly.

  6. For good measure, try doing a scp from your client to the server (learn how SCP works).

    1. 'scp -p 512 /home/username/somefilethatexists.txt username@remotehostIP:/home/path/NewFileOnThisSystem.txt'.

    2. In the above, I'm specifying 512 for my port, and the username@remotehostIP is me forcing the right username... if I didn't do this, it would automatically attempt to use the username of the currently logged-in account on the client .

  7. At this point you've more than proven that everything works right (steps 5, 6). So the last steps are mounting and using that remote filesystem. The credit for the remainder of this goes to this older post by Carthic... but my cliffnotes follow below.

  8. Install sshfs ('sudo apt-get install sshfs'... note that this auto installs fuse as well).

  9. Now create the mount point on the client ('sudo mkdir /mnt/remotecomputer', and make yourself the owner... 'sudo chown yourusername /mnt/remotecomputer')

  10. Now add your username to the fuse group that was auto-created in step 8.

    1. 'sudo adduser yourusername fuse'. Or in Ubuntu, System>Administration>Users and Groups

  11. Log-out and log back in (users can't run the fuse binary).

  12. Finally - just mount that SSH filesystem off of the mount point you created earlier...

    1. "sshfs -f -p 512 username@ipaddress:/home/path /mnt/remotecomputer".

    2. It will prompt you for a password... type it, and now you can browse the file system of the remote server by doing an "ls /mnt/remotecomptuer" from your client. The remote file system works just like it's local... you can open and edit those remote files modify them locally and when you save them, they save to the destination server.

Now that you've got everything working correctly, you can do fun stuff like setup grsync/rsync if you actually want to replicate files from the “server” to your client (perhaps for doing easy backups over the WAN)... or if you didn't have exposure to SSH until now, you've got an easy to do remote control. Hope you found this interesting and useful.

No comments: