How to make an fstab entry for sshfs on non-standard SSH port and using ssh key

The entry in /etc/fstab you're looking for is:

Using the ,port=PORTNUMBER and ,IdentityFile=/root.ssh/id_rsa options:

  sshfs#[email protected]:/export/inbox /mnt/inbox fuse.sshfs delay_connect,_netdev,user,IdentityFile=/root.ssh/id_rsa,idmap=user,allow_other,default_permissions,port=PORTNUMBER,uid=0,gid=0,rw,nosuid,nodev 0 0

Mounting directory through ssh with SSHFS from remote

  • By setting up SSH keys (as described above), you don't have to type your password when mounting. This will make mounting much simpler and can even be done using a script or automatically when you login to the local computer.
  • As with SSH, all traffic between the local computer and remote computer is encrypted.
  • If you are the admin on the local computer, you can configure the system to do this when the computer boots up so it will always be mounted. You need to modify /etc/fstab by adding a line like this (all on one line, though):
  • You'll also need to setup SSH keys to do this so you don't have to type in a password. Consult the SSHFS man page for an explanation of the options. If you find that the fstab line above isn't working correctly (causing an error message at boot), you can modify it to this (note the addition of noauto):

sshfs#[email protected]: /export/inbox fuse defaults,user,noauto,
uid=einstein,gid=einstein,allow_other,IdentityFile=/home/alfred/.ssh/id_dsa 0 0 

sshfs#[email protected]: /export/inbox fuse defaults,user,uid=USER,gid=USER,allow_other,IdentityFile=/home/USER/.ssh/id_dsa 0 0   

Mead's Guide to the Secure Shell (SSH)

How to mount sshfs remote directory in fstab

Automount sshfs using fstab without mount -a

SSHFS accepts many command-line options that you may want to check out. For example, if the SSH server on the remote computer was running on port 12345 instead of port 22, you would do this:

sshfs [email protected]: /export/inbox -p PORTNUMBER

Here are the command-line options:

SSHFS options:

-p PORT
    equivalent to '-o port=PORT' 
-C

equivalent to '-o compression=yes'
-F ssh_configfile
    specifies alternative ssh configuration file 
-1

equivalent to '-o ssh_protocol=1'
-o reconnect
    reconnect to server 
-o delay_connect
    delay connection to server 
-o sshfs_sync
    synchronous writes 
-o no_readahead
    synchronous reads (no speculative readahead) 
-o sshfs_debug
    print some debugging information 
-o cache=BOOL
    enable caching {yes,no} (default: yes) 
-o cache_timeout=N
    sets timeout for caches in seconds (default: 20) 
-o cache_X_timeout=N
    sets timeout for {stat,dir,link} cache 
-o workaround=LIST
    colon separated list of workarounds 
    none

    no workarounds enabled

    all

    all workarounds enabled 
    [no]rename 

fix renaming to existing file (default: off)

    [no]nodelaysrv 

set nodelay tcp flag in ssh (default: off)

    [no]truncate 

fix truncate for old servers (default: off)

    [no]buflimit 

fix buffer fillup bug in server (default: on)

-o idmap=TYPE
    user/group ID mapping, possible types are: 
    none

    no translation of the ID space (default)

    user

    only translate UID of connecting user

    file

    translate UIDs/GIDs based upon the contents of uidfile and gidfile 
-o uidfile=FILE
    file containing username:uid mappings for idmap=file 
-o gidfile=FILE
    file containing groupname:gid mappings for idmap=file 
-o nomap=TYPE
    with idmap=file, how to handle missing mappings 
    ignore

    don't do any re-mapping

    error

    return an error (default) 
-o ssh_command=CMD
    execute CMD instead of 'ssh' 
-o ssh_protocol=N
    ssh protocol to use (default: 2) 
-o sftp_server=SERV
    path to sftp server or subsystem (default: sftp) 
-o directport=PORT
    directly connect to PORT bypassing ssh -o slave communicate over stdin and stdout bypassing network 
-o transform_symlinks
    transform absolute symlinks to relative 
-o follow_symlinks
    follow symlinks on the server 
-o no_check_root
    don't check for existence of 'dir' on server 
-o password_stdin
    read password from stdin (only for pam_mount!) 
-o SSHOPT=VAL
    ssh options (see man ssh_config) 

man/1/sshfs


I want this sshfs mount to:

  1. happen only after network connection is achieved;
  2. for the files on the mount to be executable.

Pulling together the info provided in somethingSomething's excellent post along with the options required we have this:

[email protected]:/export/inbox /mnt/inbox fuse.sshfs x-systemd.automount,x-systemd.requires=network-online.target,_netdev,user,idmap=user,transform_symlinks,port=2314,identityfile=/home/stephen/.ssh/id_rsa,allow_other,default_permissions,uid=1000,gid=1000,exec 0 0

The additional options are :

  • x-systemd.automount creates an automount unit for systemd
  • x-systemd.requires=network-online.target attempts mount only after network connection is achieved
  • exec make files on the mounted drive executable.

Tags:

Sshfs

Fstab