autosshfs – Per user SSHFS automount using user’s SSH config and keys.
Autofs doesn’t provide an easy way to mount SSHFS filesystems as a regular user. HOWTOs abound on the topic, but rarely propose a solution involving the user’s ssh-agent and password-protected keys.
Autosshfs provides helper scripts to manage user automounts using
This program was heavily inspired by Josh Jackson’s autofs_sshfs, published at http://pturing.firehead.org/software/autofs_sshfs/
Copyright 2011,2012,2013 hellekin <firstname.lastname@example.org>
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
See: COPYING (or run make license if you’re online)
sudoprivilege (for installation)
sudo apt-get install keychain ssh-askpass sshfs autofs git clone https://github.com/hellekin/autosshfs.git cd autosshfs && sudo make install sudo autosshfs-user add $(id -un)
If you don’t already have an SSH key, create one now
if [ ! -r $HOME/.ssh/id_ecdsa ]; then ssh-keygen -b 521 -t ecdsa; fi
You MUST copy the public part of the SSH key to the
.ssh/authorized_keys file in order to
allow password-less connections.
ssh-copy-id will do that for
you. Connections will silently fail if your public key isn’t
known to the remote host (internally, the automount daemon will be
waiting at a “Password: ” prompt).
This will cause the autofs automount to attempt an SSH connection to [user@]yourremotehost[:port]
The values denoted by square brackets are optional.
By default the connection to ‘yourremotehost’ will use the same user-name as you have on the localhost. It is possible to specify a different user-name and a non-standard port for connections to ‘yourremotehost’.
The following are all valid:
ls ~/mnt/ssh/yourremotehost ls ~/mnt/ssh/yourremotehost:1234 ls ~/mnt/ssh/user@yourremotehost ls ~/mnt/ssh/user@yourremotehost:1234
This section describes how the whole thing works.
/etc/auto.master (or /etc/autofs/auto.master)
- Each entry MUST point to under user’s $HOME. We assume it takes the form
In any other case it will break.
- UID and GID must match
id -u $USERand
id -g $USER
- $USER must be in group autossh
/home/joe/mnt/ssh program:/usr/local/bin/autosshfs-map uid=1234,gid=1234,--timeout=600,--ghost
workaround=rename is enabled by default to
mimick POSIX behavior when renaming files (see Issue #4), e.g., to
avoid issues with moving files in SVN repositories. If that
option is not what you want, please reopen the issue so we devise
a better solution.
This program enables or disables the automount service for a user.
autosshfs-user add joe will:
- create a
autosshfs-as-joesudo wrapper for SSH
- register the user automounter in
autosshfs-user del joe will:
- remove the
joe’s entry in
autofs map for the requested host.
Mountpoints are under
The whole remote host’s filesystem is mounted, only accessible to the user.
The script is called from
A wrapper to the
ssh command that will force
automount to use
the user’s SSH setup, including password-protected SSH keys, as
long as they’re available to the
It is called by
sudo) and loads