Authors Top

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

1. Overview

In this tutorial, we’ll be looking at how to mount a remote directory locally in Linux using the tool sshfs.

2. sshfs

sshfs is a Linux command-line tool that allows us to mount a remote directory locally. Once mounted, users can interact with the mount point as if the folder exists locally.

Behind the scene, sshfs uses the SFTP protocol of the SSH to carry out any necessary file transmission between the two nodes. Therefore, the remote server must be running sshd and accepting SSH connection.

2.1. Installation

To install sshfs on Debian-based Linux such as Ubuntu, we can use apt-get:

$ sudo apt-get install -y sshfs

Similarly, we can use yum to install sshfs on RHEL-based Linux such as CentOS:

$ sudo <span class="comment-copy">yum --enablerepo=powertools install fuse-sshfs</span>

To obtain the sshfs binary on RHEL-based Linux, we’ll need to install the package fuse-sshfs. Additionally, we’ll need to enable the powertools repo using the flag –enablerepo.

2.2. General Syntax

Generally, the sshfs command can be expressed as:

sshfs [[email protected]]host:[dir] mountpoint [options] 

The first argument of sshfs is the connection string as per SSH’s specification:

[[email protected]]host:[dir]

The user argument specifies the username to log in as on the remote server. Then, the host argument takes the value of the IP address or domain of the remote server. Next, the optional dir argument specifies the path of the remote directory. When the value is absent, sshfs will mount on the authenticating user’s home path.

The mountpoint argument is the local path on which the mount will be created. Additionally, the path as specified by the mountpoint argument must exist before mounting. Finally, the command accepts a list of optional flags that provide a variety of configurations.

2.3. Basic Usage

To mount a remote directory with sshfs, we’ll first create a directory in the local node that serves as the mount point:

$ mkdir -p /mnt/DATA

Then, we’ll mount the remote directory using sshfs:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA
[email protected]'s password:

Essentially, the command above points the mount point /mnt/DATA to the remote directory /tmp/DATA at host 192.168.1.16. Additionally, we’ve chosen to connect to the host as user bob. As per the SSH specification, the remote will prompt for user bob‘s password.

2.4. Unmounting a Remote Directory

To unmount the mount point, we can use fusermount:

$ fusermount -u /mnt/DATA

Alternatively, we can use umount to unmount the mount point:

$ umount /mnt/DATA

3. Options

3.1. Specifying a Different Port

If the remote server is accepting SSH connections on a different port, we can specify the port using -p. For example, we can specify the port for the SSH connection as 2200:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -p 2200

3.2. Automatic Reconnect

In the event that the connection is interrupted, we can configure sshfs to automatically re-establish the connection.

To do that, we can specify the option -o reconnect:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o reconnect

3.3. Delaying Connection

Whenever we create a mount point using sshfs, a connection is established immediately. To delay the connection, we can apply the flag -o delay_connect:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o delay_connect

The command returns immediately without any password prompt. That’s because the flag -o delay_connect prevents connections from being made immediately. Instead, the connection will be made when we first access the mount /mnt/DATA.

4. File Ownership and Permissions

sshfs provides several ways to map the user ID (UID) and group ID (GID) of the remote files and directory to equivalent local values. The mapping can be done as easily as mapping every UID and GID to a single value locally. Besides that, the mapping can be much more dynamic using a file that specifies the mapping.

4.1. Setting Owner to a Single User and Group

We can set the owner of the remote directories and files to a single user and group ID by passing the flag -o uid. For example, the flag -o uid=1002 sets the owner of the files and directories in the mount point to user 1002:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o uid=1002
[email protected]'s password:
$ ls -l /mnt/DATA
total 4
-rw-r--r-- 1 1002 alicegroup 11 Apr 10 14:28 bob-file.txt
-rw-rw-r-- 1 1002 alicegroup 12 Apr 10 14:28 joey-file.txt

Additionally, we can also set the group ID to a single local value using the flag -o gid. For example, we can set the group ID of the file within the directory to 5005:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o gid=5005
[email protected]'s password:
$ ls -l /mnt/DATA
total 8
-rw-r--r-- 1 alice 5005 11 Apr 10 14:28 bob-file.txt
-rw-rw-r-- 1 alice 5005 12 Apr 10 14:28 joey-file.txt

Finally, we can specify both of the flags to set the UID and GID of the files:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o uid=1002 -o gid=5005
[email protected]'s password:
$ ls -l /mnt/DATA
total 8
-rw-r--r-- 1 1002 5005 11 Apr 10 14:28 bob-file.txt
-rw-rw-r-- 1 1002 5005 12 Apr 10 14:28 joey-file.txt

4.2. Mapping UID and GID Dynamically

To map the remote UID and GID values locally according to a mapping file, we’ll pass the option -o idmap=file. Then, we’ll specify the mapping files using the flags -o uidfile and -o gidfile.

For example, the directory /tmp/DATA at host 192.168.1.16 contains the two files, bob-file.txt, and joey-file.txt:

$ ls -l /tmp/DATA
total 8
-rw-rw-r-- 1 bob  bobgroup  11 Apr 10 14:28 bob-file.txt
-rw-rw-r-- 1 joey joeygroup 12 Apr 10 14:28 joey-file.txt

First, we’ll need to determine the UID and GID of bob and joey on host 192.168.1.16. To determine the UID of a user, we can use the command id and passing the flag -u:

$ id -u bob
1001
$ id -u joey
1002

Using the same command id, we can obtain the GID of the user by specifying the flag -g:

$ id -g bobgroup
201
$ id -g joeygroup
202

Then, we can create a mapping rule locally in order to map the remote UID and GID to the local value. The rules are specified in a specific format:

local-username:remote-uid

In our example, we’ll map remote user bob to local user alice and remote user joey to local user amy:

$ cat > uid-mapping <<EOF
alice:1001
amy:1002
root:0
EOF

The command above writes the mapping rules into the file uid-mapping using the command cat and heredoc.

Similarly, we can create a group ID mapping file gid-mapping to map the remote groups into local values:

$ cat > gid-mapping <<EOF
alicegroup:201
amygroup:202
root:0
EOF

Then, we can create our mount point using the command sshfs, passing the uid-mapping and gid-mapping as the rules for mapping:

$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o idmap=file -o uidfile=uid-mapping -o gidfile=gid-mapping

With the flag -o idmap=file, we’re telling the command sshfs to perform the mapping using files. Then, we pass the mapping filenames using the flags -o uidfile and -o gidfile.

Let’s look at the permissions information on the local mount point:

$ ls -l /mnt/DATA
total 8
-rw-rw-r-- 1 alice   alicegroup  11 Apr 10 14:28 bob-file.txt
-rw-rw-r-- 1 amy     amygroup    12 Apr 10 14:28 joey-file.txt

As we can see, the permissions have been mapped according to our uid-mapping and gid-mapping files.

5. Conclusion

In this tutorial, we looked at how to mount a remote directory using sshfs. We started off with an installation guide for Debian-based and RHEL-based Linux. Then, we looked at how to mount and unmount a remote directory.

Next, we studied some of the options that the tool provides. Finally, we explored the command’s permission mapping functionality.

Authors Bottom

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

Comments are closed on this article!