1

I connect to my home server with ssh server, where server is configured in ~/.ssh/config as:

Host server
    HostName {server-address}
    User me
    IdentityFile ~/.ssh/id_rsa

IdentityFile is a passphrase-protected private key, so I have to enter my passphrase every time I log in.

I can locally mount the remote file system on that server with sshfs me@{server-address}:/home/me /mnt/server. Once again, I have to enter my passphrase to log in with my private key. I notice that I don't need to actually specify the key in the sshfs options - presumably ~/.ssh/id_rsa is just the default location?

Finally, to easily mount the system, I added the below line to /etc/fstab:

me@{server-address}:/home/me  /mnt/server  fuse.sshfs  IdentityFile=/home/me/.ssh/id_rsa,defaults,noauto 0 0

And this lets me simply run mount /mnt/server to mount the filesystem - and of course, I'm asked for my passphrase.

Note that I had added the noauto option so that it wouldn't be mounted on boot, as I was worried the system would hang if it couldn't mount the filesystem without the passphrase.

Is my suspicion right here? Will the system fail to boot if it tried to mount the server filesystem, but didn't get the passphrase? Is there a way that I can supply the passphrase to /etc/fstab / the mount command, so that it will be able to boot the filesystem on boot?

murchu27
  • 527
  • 2
  • 6
  • 20
  • Take a look at this : https://unix.stackexchange.com/questions/29250/sshfs-always-asking-for-password-in-fstab – Philippe Mar 13 '21 at 13:14
  • @Philippe thanks, not exactly what I'm looking for (the answers either deal with private keys with no passphrase, or using regular passwords), but I might be able to use some of that info. I'll add an answer myself if I get sorted. – murchu27 Mar 13 '21 at 15:44
  • Have you looked this answer : https://unix.stackexchange.com/a/348060/387273 – Philippe Mar 13 '21 at 15:47
  • That answer seems to use `sshpass` to automate supplying a password, rather than a private-key passphrase. I'll look into it though, and see if it can be changed around for a private-key. – murchu27 Mar 13 '21 at 16:21
  • Did you find a solution? – Lilith-Elina Jun 25 '21 at 07:13
  • I'm afraid not, had no luck with using `sshpass` within my `/etc/fstab`. I ended up just leaving the `noauto` option on, and just mounting the remote drive with `sudo mount /mnt/server` (which requires me to specify passphrase) whenever I needed it. One command and a passphrase isn't putting me out too much, especially since I don't need that server mounted all the time. – murchu27 Jul 14 '21 at 11:10

2 Answers2

0

I don't know if this "solution" warrants an answer, but here is how I got around it:

I simply used ssh-keygen to generate another key (i.e. /home/user/.ssh/id_rsa_no_passphrase) and didn't give that one a passphrase. Then I used ssh-copy-id to upload it to my remote server.
After changing my fstab entry to reference the new public key in the IdentityFile-field it worked flawlessly and now automatically mounts the filesystem on boot.

Here is the final fstab entry:

# sshfs
USER@SERVER:/home/sshfs /mnt/ssh    fuse.sshfs  defaults,_netdev,allow_other,default_permissions,identityfile=/home/USER/.ssh/id_rsa_no_passphrase,uid=UID,gid=GID    0   0

It might not be an exact solution to the problem, but it seems to be a valid workaround!

Sealad
  • 92
  • 5
-1

I would like to give an alternative to the only answer in this question. Instead of creating a new keypair (this time without protecting the private key), it is possible to remove a passphrase from the existing private key.

Just do $ ssh-keygen -p. After removing the password, sshfs in fstab works flawlessly.

My final sshfs fstab like is USER@SERVER:/folder /mnt/sshfsmount fuse.sshfs noauto,x-systemd.automount,_netdev,allow_other,IdentityFile=/home/USER/.ssh/id_rsa,reconnect,follow_symlinks 0 0

manueldeprada
  • 31
  • 3