LSDF Online Storage: Secure Shell: Difference between revisions

From Lsdf
Jump to navigationJump to search
No edit summary
Line 27: Line 27:


'''Attention:''' Posix style file commands (for instance '''chmod''') must not be applied on files on a CIFS share. This may revoke sharing and Access Lists (ACLs), steering the access to the files.
'''Attention:''' Posix style file commands (for instance '''chmod''') must not be applied on files on a CIFS share. This may revoke sharing and Access Lists (ACLs), steering the access to the files.




== Using SSHFS ==

SSHFS is a file system implementation allowing users to mount and interact with directories and files located on a remote server over a normal ssh connection. Using SSHFS a mounted remote file system behaves similar to other local volumes or files systems. In situations where higher performance and / or simultaneous access to the LSDF Online Storage by many users are required other protocols like NFS, CIFS or WebDAV might be better suited.


=== Installation ===

SSHFS is available on many linux distribution via the standard software distribution channels.

On Debian/Ubuntu like systems:
<pre>
$ apt-get install sshfs
</pre>

On RedHat/CentOS like systems:
<pre>
$ yum install fuse-sshfs
</pre>


=== Mounting a Remote File System ===

To mount a remote file system via command line:
<pre>
$ mkdir mountpoint
$ sshfs <USERNAME>@os-login.lsdf.kit.edu:/lsdf/kit/inst/projects ./mointpoint
</pre>

==== Mounting with ''/etc/fstab'' ====

Add (as root) a line to your ''/etc/fstab'' describing how to mount the remote folder:
<pre>
sshfs <USERNAME>@os-login.lsdf.kit.edu:/lsdf/kit/<INSTITUTE>/projects <MOUNTPOINT> fuse uid=<UID>,gid=<GID>,umask=0,allow_other,defaults,auto 0 0
</pre>
where ''<UID'' is the numerical user id of the user the remote mount will be mapped to, ''<GID>'' is the numerical group id of the
user the remote mount will be mapped to, ''<USERNAME>'' is the user name user for the SSH login, ''<MOUNTPOINT>'' is the local mount point (directory).

For example:
<pre>
sshfs xy1234@os-login.lsdf.kit.edu:/lsdf/kit/scc/projects /mnt/mountpoint fuse uid=7777,gid=12345,umask=0,allow_other,defaults,auto 0 0
</pre>

In order to make the above example work, password-less ssh login with keys needs to be properly configured. Mount the remote file system by issuing the following command (as root):
<pre>
$ mount /mnt/mountpoint
</pre>





== Using Secure Shell with Windows ==
== Using Secure Shell with Windows ==
Line 76: Line 129:
== External Links ==
== External Links ==


[https://en.wikipedia.org/wiki/Secure_Shell Secure Shell]
* [https://en.wikipedia.org/wiki/Secure_Shell Secure Shell]
* [https://en.wikipedia.org/wiki/SSHFS Secure Shell Filesystem]






Revision as of 11:47, 16 April 2019

Secure Shell or SSH refers to both a cryptographic network protocol as well a number of applications that can be used to establish a secure connect with a service provider like the LSDF Online Storage. SSH is typically used to login interactively to a remote machine and execute commands, but it can also be used to transfer file using the protocols SSH File Transfer Protocol (SFTP) or Secure Copy (SCP). The SSH Filesystem (SSHFS) is a file system client based on the SSH protocol which allows to locally mount and interact with directories and files located on a remote server.

SSH access to the LSDF Online Storage is provided via a cluster of login servers reachable at the address os-login.lsdf.kit.edu.


Using SSH on Linux or Mac OS

To interactively login to the LSDF Online Storage login cluster enter the following command in a linux shell or Mac OS terminal

$ ssh <USERNAME>@os-login.lsdf.kit.edu

where <USERNAME> needs to be replaced with your actual user name, e.g. xy1234. The command above will ask for a password to grant access to the login server.

To avoid being asked for a password on every login, password-less access can be configured by distributing a public key to the login server. To create a new set of keys issue the following command:

$ ssh-keygen

The newly generated key should be password protected.

To copy the public part of your key pair to the login server issue the following command:

$ ssh-copy-id -i ~/.ssh/id_rsa.pub <USERNAME>@os-login.lsdf.kit.edu

Subsequent logins will use the key instead of a password to authenticate to the login server.


Attention: Posix style file commands (for instance chmod) must not be applied on files on a CIFS share. This may revoke sharing and Access Lists (ACLs), steering the access to the files.



Using SSHFS

SSHFS is a file system implementation allowing users to mount and interact with directories and files located on a remote server over a normal ssh connection. Using SSHFS a mounted remote file system behaves similar to other local volumes or files systems. In situations where higher performance and / or simultaneous access to the LSDF Online Storage by many users are required other protocols like NFS, CIFS or WebDAV might be better suited.


Installation

SSHFS is available on many linux distribution via the standard software distribution channels.

On Debian/Ubuntu like systems:

$ apt-get install sshfs

On RedHat/CentOS like systems:

$ yum install fuse-sshfs


Mounting a Remote File System

To mount a remote file system via command line:

$ mkdir mountpoint
$ sshfs <USERNAME>@os-login.lsdf.kit.edu:/lsdf/kit/inst/projects ./mointpoint

Mounting with /etc/fstab

Add (as root) a line to your /etc/fstab describing how to mount the remote folder:

sshfs <USERNAME>@os-login.lsdf.kit.edu:/lsdf/kit/<INSTITUTE>/projects    <MOUNTPOINT>    fuse    uid=<UID>,gid=<GID>,umask=0,allow_other,defaults,auto 0 0

where <UID is the numerical user id of the user the remote mount will be mapped to, <GID> is the numerical group id of the user the remote mount will be mapped to, <USERNAME> is the user name user for the SSH login, <MOUNTPOINT> is the local mount point (directory).

For example:

sshfs xy1234@os-login.lsdf.kit.edu:/lsdf/kit/scc/projects   /mnt/mountpoint    fuse    uid=7777,gid=12345,umask=0,allow_other,defaults,auto 0 0

In order to make the above example work, password-less ssh login with keys needs to be properly configured. Mount the remote file system by issuing the following command (as root):

$ mount /mnt/mountpoint



Using Secure Shell with Windows

Please find below a list of Secure Shell clients for Windows and MacOS (without any claim to completeness):

MobaXterm https://mobaxterm.mobatek.net/
PuTTY https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
WinSCP http://winscp.net/eng/download.php
FileZilla http://sourceforge.net/projects/filezilla/
WebDrive https://southrivertech.com/products/webdrive/download/
Cygwin http://cygwin.com/install.html
Windows 10 subsystem for Linux https://msdn.microsoft.com/de-de/commandline/wsl/install_guide

The following software packages provide network drive functionality based on SFTP:

WebDrive (for Windows, Mac, iOS, Android) http://www.southrivertechnologies.com/download/downloadwd.html
SFTPNetDrive (for Windows) http://www.sftpnetdrive.com/
NetDrive (for Windows) http://www.netdrive.net/
ExpanDrive (for Windows and Mac) http://www.expandrive.com/expandrive
MountainDuck (for Windows and Mac) https://mountainduck.io/

External Links