Auto mount sshfs volume through fstab with password auth

server mount fstab sshfs fuse

13,558

In this example I implied that we work as root. If you don't, apply sudo su or sudo when needed.
Your system may use different init system than Systemd, but Cron is pretty universal.

You can simply use /etc/fstab to pre-define your mount options and whatnot.

Example:

USERNAME@HOSTNAME_OR_IP:/REMOTE/DIRECTORY /LOCAL/MOUNTPOINT fuse.sshfs  defaults,password_stdin,_netdev 0 0

Keep in mind default mount options are far from perfect.
For example: reconnect is important. see: https://github.com/libfuse/sshfs/issues/101

An example with these options (taken from the Github issue):

sshfs#[email protected]:/content/ /mnt/srv fuse   password_stdin,defaults,user,allow_other,reconnect,delay_connect,ConnectTimeout=5,ServerAliveInterval=5,IdentityFile=/root/.ssh/id_rsa_storage 0 0

Once that's done, you need a simple script with this sole content, such as:

#!/bin/bash
echo "passwordgoeshere" | mount /mnt/srv

Let's save it under your root user, so an example: /root/mount_sshfs.sh
Now you need to make it executable: chown +x /root/mount_sshfs.sh

Now all you need is just cron or systemd to execute this on mount.
With cron, a simple entry like this works:
@reboot /root/mount_sshfs.sh

With Systemd:
1) You have to create the script. See just above.
2) You have to create a new Systemd service script.
An example would be: /etc/systemd/system/mount_network.sh
3) The contents of the file:

[Unit]
Wants=network-online.target
After=network-online.target

[Service]
ExecStart=/root/mount_sshfs.sh

[Install]
WantedBy=default.target

Notes:

I did not test the Systemd method as I try not to rely on it as much as possible. It's personal dislike/dislike/hate. :)
With Cron, you may need to add a "sleep" to the script, so it doesn't try to run the script "too early", ie.: before internet/network comes up.

Source: https://linuxconfig.org/how-to-automatically-execute-shell-script-at-startup-boot-on-systemd-linux

13,558

Chris Smith

Updated on September 18, 2022

Comments

Chris Smith almost 2 years
I have a headless server running Ubuntu 12.04.4 that needs to come back up after a reboot without user intervention. There is an existing manual process that involves looking at files on a remote server over sftp and manipulating certain ones. The auth for the sftp site uses a username and password. I want to automate this process by removing the manual step of getting into the sftp server by mounting the remote volume directly on the server that needs the files.

Note that I do not have a ssh identity file because key based auth is not being used. I cannot change the remote end to use key auth; I need to use the existing username and password. Most of the guides I've found out there only deal with using a key based identity file.

Current fstab config:
```
sshfs#[email protected]:/SecureFTP /my/localpath fuse allow_other,uid=root,gid=clientfiles,umask=0770
```
When mounting interactively, it prompts for the password. I need the server to be able to recover from a reboot without having someone there to babysit and type the password in, so it needs to work without any prompting. I don't know how to get the password in aside from the prompt. Ideally, I could specify a credential file with the username and password like I can with the credentials=<file name> cifs option.

I've tried credentials= and password= as mount options but they don't seem to be defined for sshfs; I get fuse: unknown option.

There IS a password_stdin option for sshfs but I'm not sure how that applies in fstab.
- Panther about 10 years
  
  Make a ssh key. This has nothing to do with the server. Make a key on the client and then transfer the key to the server with ssh-copyid . Then use a fstab entry with the key ;)
- Chris Smith about 10 years
  
  @bodhi.zazen Can't. "Remote execution access has been disabled by the system administrator"
- Panther about 10 years
  
  Why not? I do not think sshfs allows password authentication in fstab.
- Chris Smith about 10 years
  
  The remote end may not even be a unixy box with full ssh. It's not under my control. ssh-copy-id fails without remote execution enabled. I asked this question to find some way of making this work... it seems like an oversight if there is no way to do it.
- Panther about 10 years
  
  Contact the owner of the server (remote) box and have a key made for this purpose.
- user6294230 almost 5 years
  
  After making sure permissions were correct, resent keys, it was still not working. Then I stumbled on this which I had not done previously and had not seen anyone mention. unix.stackexchange.com/questions/37168/… After enabling I ran my sshfs commands without sudo and it all worked perfectly.
Admin about 2 years

that's so ugly that I am almost creating an empty password
Admin almost 2 years

@iambr Trust me I tried for days and days looking for a more elegant solution. There is nothing. Your best bet is key auth. But if it cannot be done, this is the (ugly) way.