Auto mount sshfs volume through fstab with password auth
- In this example I implied that we work as root. If you don't, apply
sudo su
orsudo
when needed. - Your system may use different init system than Systemd, but Cron is pretty universal.
You can simply use /etc/fstab
to pre-define your mount options and whatnot.
Example:
USERNAME@HOSTNAME_OR_IP:/REMOTE/DIRECTORY /LOCAL/MOUNTPOINT fuse.sshfs defaults,password_stdin,_netdev 0 0
Keep in mind default mount options are far from perfect.
For example: reconnect is important. see: https://github.com/libfuse/sshfs/issues/101
An example with these options (taken from the Github issue):
sshfs#[email protected]:/content/ /mnt/srv fuse password_stdin,defaults,user,allow_other,reconnect,delay_connect,ConnectTimeout=5,ServerAliveInterval=5,IdentityFile=/root/.ssh/id_rsa_storage 0 0
Once that's done, you need a simple script with this sole content, such as:
#!/bin/bash
echo "passwordgoeshere" | mount /mnt/srv
Let's save it under your root user, so an example: /root/mount_sshfs.sh
Now you need to make it executable: chown +x /root/mount_sshfs.sh
Now all you need is just cron
or systemd
to execute this on mount.
With cron, a simple entry like this works:
@reboot /root/mount_sshfs.sh
With Systemd:
1) You have to create the script. See just above.
2) You have to create a new Systemd service script.
An example would be: /etc/systemd/system/mount_network.sh
3) The contents of the file:
[Unit]
Wants=network-online.target
After=network-online.target
[Service]
ExecStart=/root/mount_sshfs.sh
[Install]
WantedBy=default.target
Notes:
- I did not test the Systemd method as I try not to rely on it as much as possible. It's personal dislike/dislike/hate. :)
- With Cron, you may need to add a "sleep" to the script, so it doesn't try to run the script "too early", ie.: before internet/network comes up.
Source: https://linuxconfig.org/how-to-automatically-execute-shell-script-at-startup-boot-on-systemd-linux
Related videos on Youtube
Chris Smith
Updated on September 18, 2022Comments
-
Chris Smith almost 2 years
I have a headless server running Ubuntu 12.04.4 that needs to come back up after a reboot without user intervention. There is an existing manual process that involves looking at files on a remote server over sftp and manipulating certain ones. The auth for the sftp site uses a username and password. I want to automate this process by removing the manual step of getting into the sftp server by mounting the remote volume directly on the server that needs the files.
Note that I do not have a ssh identity file because key based auth is not being used. I cannot change the remote end to use key auth; I need to use the existing username and password. Most of the guides I've found out there only deal with using a key based identity file.
Current fstab config:
sshfs#[email protected]:/SecureFTP /my/localpath fuse allow_other,uid=root,gid=clientfiles,umask=0770
When mounting interactively, it prompts for the password. I need the server to be able to recover from a reboot without having someone there to babysit and type the password in, so it needs to work without any prompting. I don't know how to get the password in aside from the prompt. Ideally, I could specify a credential file with the username and password like I can with the
credentials=<file name>
cifs
option.I've tried
credentials=
andpassword=
as mount options but they don't seem to be defined forsshfs
; I getfuse: unknown option
.There IS a
password_stdin
option for sshfs but I'm not sure how that applies in fstab.-
Panther about 10 yearsMake a ssh key. This has nothing to do with the server. Make a key on the client and then transfer the key to the server with ssh-copyid . Then use a fstab entry with the key ;)
-
Chris Smith about 10 years@bodhi.zazen Can't. "Remote execution access has been disabled by the system administrator"
-
Panther about 10 yearsWhy not? I do not think sshfs allows password authentication in fstab.
-
Chris Smith about 10 yearsThe remote end may not even be a unixy box with full ssh. It's not under my control. ssh-copy-id fails without remote execution enabled. I asked this question to find some way of making this work... it seems like an oversight if there is no way to do it.
-
Panther about 10 yearsContact the owner of the server (remote) box and have a key made for this purpose.
-
user6294230 almost 5 yearsAfter making sure permissions were correct, resent keys, it was still not working. Then I stumbled on this which I had not done previously and had not seen anyone mention. unix.stackexchange.com/questions/37168/… After enabling I ran my sshfs commands without sudo and it all worked perfectly.
-
-
Admin about 2 yearsthat's so ugly that I am almost creating an empty password
-
Admin almost 2 years@iambr Trust me I tried for days and days looking for a more elegant solution. There is nothing. Your best bet is key auth. But if it cannot be done, this is the (ugly) way.