In this tutorial, we’ll be looking at how to mount a remote directory locally in Linux using the tool sshfs.
sshfs is a Linux command-line tool that allows us to mount a remote directory locally. Once mounted, users can interact with the mount point as if the folder exists locally.
Behind the scene, sshfs uses the SFTP protocol of the SSH to carry out any necessary file transmission between the two nodes. Therefore, the remote server must be running sshd and accepting SSH connection.
To install sshfs on Debian-based Linux such as Ubuntu, we can use apt-get:
$ sudo apt-get install -y sshfs
Similarly, we can use yum to install sshfs on RHEL-based Linux such as CentOS:
$ sudo <span class="comment-copy">yum --enablerepo=powertools install fuse-sshfs</span>
To obtain the sshfs binary on RHEL-based Linux, we’ll need to install the package fuse-sshfs. Additionally, we’ll need to enable the powertools repo using the flag –enablerepo.
2.2. General Syntax
Generally, the sshfs command can be expressed as:
sshfs [user@]host:[dir] mountpoint [options]
The first argument of sshfs is the connection string as per SSH’s specification:
The user argument specifies the username to log in as on the remote server. Then, the host argument takes the value of the IP address or domain of the remote server. Next, the optional dir argument specifies the path of the remote directory. When the value is absent, sshfs will mount on the authenticating user’s home path.
The mountpoint argument is the local path on which the mount will be created. Additionally, the path as specified by the mountpoint argument must exist before mounting. Finally, the command accepts a list of optional flags that provide a variety of configurations.
2.3. Basic Usage
To mount a remote directory with sshfs, we’ll first create a directory in the local node that serves as the mount point:
$ mkdir -p /mnt/DATA
Then, we’ll mount the remote directory using sshfs:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA [email protected]'s password:
Essentially, the command above points the mount point /mnt/DATA to the remote directory /tmp/DATA at host 192.168.1.16. Additionally, we’ve chosen to connect to the host as user bob. As per the SSH specification, the remote will prompt for user bob‘s password.
2.4. Unmounting a Remote Directory
To unmount the mount point, we can use fusermount:
$ fusermount -u /mnt/DATA
Alternatively, we can use umount to unmount the mount point:
$ umount /mnt/DATA
3.1. Specifying a Different Port
If the remote server is accepting SSH connections on a different port, we can specify the port using -p. For example, we can specify the port for the SSH connection as 2200:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -p 2200
3.2. Automatic Reconnect
In the event that the connection is interrupted, we can configure sshfs to automatically re-establish the connection.
To do that, we can specify the option -o reconnect:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o reconnect
3.3. Delaying Connection
Whenever we create a mount point using sshfs, a connection is established immediately. To delay the connection, we can apply the flag -o delay_connect:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o delay_connect
The command returns immediately without any password prompt. That’s because the flag -o delay_connect prevents connections from being made immediately. Instead, the connection will be made when we first access the mount /mnt/DATA.
4. File Ownership and Permissions
sshfs provides several ways to map the user ID (UID) and group ID (GID) of the remote files and directory to equivalent local values. The mapping can be done as easily as mapping every UID and GID to a single value locally. Besides that, the mapping can be much more dynamic using a file that specifies the mapping.
4.1. Setting Owner to a Single User and Group
We can set the owner of the remote directories and files to a single user and group ID by passing the flag -o uid. For example, the flag -o uid=1002 sets the owner of the files and directories in the mount point to user 1002:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o uid=1002 [email protected]'s password: $ ls -l /mnt/DATA total 4 -rw-r--r-- 1 1002 alicegroup 11 Apr 10 14:28 bob-file.txt -rw-rw-r-- 1 1002 alicegroup 12 Apr 10 14:28 joey-file.txt
Additionally, we can also set the group ID to a single local value using the flag -o gid. For example, we can set the group ID of the file within the directory to 5005:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o gid=5005 [email protected]'s password: $ ls -l /mnt/DATA total 8 -rw-r--r-- 1 alice 5005 11 Apr 10 14:28 bob-file.txt -rw-rw-r-- 1 alice 5005 12 Apr 10 14:28 joey-file.txt
Finally, we can specify both of the flags to set the UID and GID of the files:
$ sshfs bob@ubuntu-box-p:/tmp/DATA /mnt/DATA -o uid=1002 -o gid=5005 [email protected]'s password: $ ls -l /mnt/DATA total 8 -rw-r--r-- 1 1002 5005 11 Apr 10 14:28 bob-file.txt -rw-rw-r-- 1 1002 5005 12 Apr 10 14:28 joey-file.txt
4.2. Mapping UID and GID Dynamically
To map the remote UID and GID values locally according to a mapping file, we’ll pass the option -o idmap=file. Then, we’ll specify the mapping files using the flags -o uidfile and -o gidfile.
For example, the directory /tmp/DATA at host 192.168.1.16 contains the two files, bob-file.txt, and joey-file.txt:
$ ls -l /tmp/DATA total 8 -rw-rw-r-- 1 bob bobgroup 11 Apr 10 14:28 bob-file.txt -rw-rw-r-- 1 joey joeygroup 12 Apr 10 14:28 joey-file.txt
First, we’ll need to determine the UID and GID of bob and joey on host 192.168.1.16. To determine the UID of a user, we can use the command id and passing the flag -u:
$ id -u bob 1001 $ id -u joey 1002
Using the same command id, we can obtain the GID of the user by specifying the flag -g:
$ id -g bobgroup 201 $ id -g joeygroup 202
Then, we can create a mapping rule locally in order to map the remote UID and GID to the local value. The rules are specified in a specific format:
In our example, we’ll map remote user bob to local user alice and remote user joey to local user amy:
$ cat > uid-mapping <<EOF alice:1001 amy:1002 root:0 EOF
Similarly, we can create a group ID mapping file gid-mapping to map the remote groups into local values:
$ cat > gid-mapping <<EOF alicegroup:201 amygroup:202 root:0 EOF
Then, we can create our mount point using the command sshfs, passing the uid-mapping and gid-mapping as the rules for mapping:
$ sshfs [email protected]:/tmp/DATA /mnt/DATA -o idmap=file -o uidfile=uid-mapping -o gidfile=gid-mapping
With the flag -o idmap=file, we’re telling the command sshfs to perform the mapping using files. Then, we pass the mapping filenames using the flags -o uidfile and -o gidfile.
Let’s look at the permissions information on the local mount point:
$ ls -l /mnt/DATA total 8 -rw-rw-r-- 1 alice alicegroup 11 Apr 10 14:28 bob-file.txt -rw-rw-r-- 1 amy amygroup 12 Apr 10 14:28 joey-file.txt
As we can see, the permissions have been mapped according to our uid-mapping and gid-mapping files.
In this tutorial, we looked at how to mount a remote directory using sshfs. We started off with an installation guide for Debian-based and RHEL-based Linux. Then, we looked at how to mount and unmount a remote directory.
Next, we studied some of the options that the tool provides. Finally, we explored the command’s permission mapping functionality.