How to mount remote SSHFS via intermediate machine? Tunneling?

26

18

I would like to mount a remote file system (A) using SSHFS, but sometimes I have IP address, access from which is not allowed. So my plan is to access it via another machine (B) in that network. Do I need to mount A on B and then to mount B (and A) on my local computer? Is there a better way to do it?

Update

Just to clarify the procedure:

First, I make a tunnel

ssh -f user@machineB -L MYPORT:machineA:22 -N

And then I mount the remote file system

sshfs -p MYPORT user@127.0.0.1:/myremotepath /mylocalpath

Is it correct?

How do I destroy the tunnel when I am done?

Andrei

Posted 2010-05-08T10:47:05.810

Reputation: 1 164

1better way to set up tunnel is to have connection to B from GNU screen window using ssh user@machineB -L 2222:machineA:22 -N so you can easily kill it with ^C – edk – 2010-05-09T16:03:26.117

Answers

9

yeah tunneling. You connect machine B, create local tunnel (-L) to SSHd port of machine A then sshfs to localhost to the port of newly created tunnel.

edk

Posted 2010-05-08T10:47:05.810

Reputation: 308

Is the following command the right way to do that? ssh -f user@machineB -L 25:machineA:25 -N – Andrei – 2010-05-08T14:00:45.017

1yes if you have sshd listening to port 25 on machine A. then you'll just have to sshfs -p 25 user@127.0.0.1:/path /localpath – edk – 2010-05-08T14:20:14.813

1Aha, so for default ssh setup I need ssh -f user@machineB -L 22:machineA:22 -N, right? – Andrei – 2010-05-08T15:32:57.450

17

You can use option ssh_command of sshfs to do the trick:

sshfs ma: /mnt -o ssh_command='ssh -t mb ssh'

Unmount with the usual

fusermount -u /mnt

Sorry this is 7 years late...

Rodrigo Farias

Posted 2010-05-08T10:47:05.810

Reputation: 171

5With the new -J option in Openssh 1.1 it is something along: sshfs ma: /mnt -o ssh_command='ssh -J mb' – Ohad Rubin – 2018-07-18T01:25:32.317

0

Your connection scheme: Your machine --> Host B --> Host A

Our solution will use Proxy Jump, introduced in OpenSSH 7.3, so you'll need to check that your version is newer with:

ssh -V

Then you need to configure properly your ~/.ssh/config. For example, if machineB is available with a password login from machineA :

machineB
    HostName {machineB ip address}
    User {machineB username}
    Port {machineB port-number}
    IdentityFile ~/.ssh/{machineB private ssh key}

machineA
    ProxyJump machineB
    Hostname {machineA ip address, maybe in local network}
    User {machineA username}
    Port {machineA port-number}

Finally, create your mountpoint and add line to /etc/fstab

machineB:{machineB mount path}  {your local mountpoint}  fuse.sshfs delay_connect,_netdev,user,idmap=user,follow_symlinks,identityfile={local path to machineB private key},default_permissions,uid={local user uid},gid={local user gid} 0 0

lucidyan

Posted 2010-05-08T10:47:05.810

Reputation: 109

Does this have any benefit vs. using only -o ssh_command="ssh -J machineB" ? – clemisch – 2019-05-18T08:27:51.627

Asked: 2010-05-08T10:47:05.810

Viewed: 22 690 times

Active: 2019-03-01T14:36:19.747