1

I've been using sshfs to mount directories from servers on my laptop.

I also have the following in my `~/.ssh/config`: `ControlMaster auto`

I set this because it keeps a single ssh connection alive whenever I ssh into a server. I do this particularly for fast browsing in emacs using tramp.

Since I have sshfs in my /etc/fstab, the ssh connection from sshfs is the one that stays alive. A lot of times I also need X11 forwarding (ssh -X -Y -C), and since I'm always using the original connection from sshfs, X11 isn't forwarded.

X11 works when I remove the sshfs mount from my fstab, and I ssh into my servers manually with the -X -Y -C option.

Is there a way to turn on `-X -Y -C` (or the like) for sshfs? I tried adding

```
ForwardX11 yes
ForwardX11Trusted yes
```

in `~/.ssh/config` and `/etc/ssh/ssh_config` to force the option to always be on (might have a security issue). However, sshfs in `/etc/fstab` does not pick this up.

Do you have any suggestions? Thanks!

Vinh Nguyen
  • Looks like this is a known [bug](https://bugs.launchpad.net/ubuntu/+source/sshfs-fuse/+bug/83631) that is probably not fixed yet (no new version of sshfs since 2008). – Vinh Nguyen May 12 '11 at 18:42
  • My solution to all this can be found [here](http://blog.nguyenvq.com/2011/05/12/sshfs-doesnt-forward-x-conflict-with-controlmaster-auto/). – Vinh Nguyen May 12 '11 at 19:34

3 Answers

4

The way around this problem is to use a script in place of the ssh command.

From the sshfs man page (at least since 2.0, April 2008):

```
-o ssh_command=CMD
  execute CMD instead of 'ssh'
```

Like this:

```
sshfs user@remote: mountpoint -o ssh_command='/path/to/sshcmd -Y -X -C '
```

And here's sshcmd

```bash
#!/bin/bash

# declare arrays for ssh options
declare -a CLEANED_SSH_OPTS
declare -a ADD_OPTIONS

# add options to be automatically added to the ssh command here.
# example
#ADD_OPTIONS=( '-C' )
# empty default
ADD_OPTIONS=(  )

for OPT in "$@"; do
  # add list of values to be removed
  # from sshfs ssh options
  case $OPT in
    "-x")
      # this and the others like it will be removed
    ;;
    "-a")
    ;;
    "-oClearAllForwardings=yes")
    ;;
    *)
      # These are ok.. add
      CLEANED_SSH_OPTS+=("$OPT")
    ;;
  esac
done

# Start ssh with CLEANED options (quoted so each option stays a single argument)
exec ssh "${ADD_OPTIONS[@]}" "${CLEANED_SSH_OPTS[@]}"
# replace above exec with the next one if you want ssh tunneling to run as your
# local user. Like when using automatic mounts from fstab.
# Please note that this has some extra security issues.
#exec su YourUserName -c "ssh ${ADD_OPTIONS[@]} ${CLEANED_SSH_OPTS[@]}"
```

Adding something like this to fstab should allow automatic mounting of sshfs and enable forwarding. Do note that when the mount happens it's usually as the root user, so you might have to make appropriate changes to sshcmd (see the last line of sshcmd).

```
sshfs#USERID@HOST:/TARGETPATH /MOUNT_POINT fuse _netdev,user,ssh_command=/path/to/sshcmd\040-Y\040-X 0 0
```

Manwe
  • Thanks for this. How would you incorporate this in /etc/fstab? – Vinh Nguyen Jan 13 '12 at 22:34
  • Use **\040** for spaces: `sshfs#USERID@HOST:/TARGETPATH /MOUNT_POINT fuse user,noauto,ssh_command=/path/to/sshcmd\040-Y\040-X 0 0 ` – Manwe Jan 16 '12 at 10:16
  • I have something like the following, and it does not mount at startup: `sshfs#username@server: /mnt/server fuse fsname=sshfs#username@server:,comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,ssh_command=/path/to/sshcmd\040-Y\040-X\040-C 0 0` Do you have any suggestions? – Vinh Nguyen Jan 16 '12 at 19:36
  • In my example and yours there is the `noauto` option, which means it is not automatically mounted. Depending on your system, adding `_netdev` might do the trick, or leaving the `noauto` in place and adding a line to /etc/rc.local like `mount /mnt/server`. This all requires that your network is working! – Manwe Jan 16 '12 at 20:26
  • Sorry, please ignore my previous inquiry. I accidentally uncommented one of the comment lines with comments. Even though I don't have a mount issue, I don't think the `-Y -X -C` is being honored because when I ssh into the same server, I cannot open X11 windows. I was able to when I manually mounted outside of /etc/fstab as you originally proposed. – Vinh Nguyen Jan 17 '12 at 17:02
  • Well, the first thing that comes to my mind is that you're mounting stuff as root, so the ssh session is root's. I'll leave you to figure it out, but here are some pointers: sshfs `ControlPath=somePath`, note permissions, and changing the last line of sshcmd to `exec su YourUserName -c "ssh ${ADD_OPTIONS[@]} ${CLEANED_SSH_OPTS[@]}"` – Manwe Jan 17 '12 at 17:39
  • I don't think it's a root issue. I automount my servers using sshfs according to [this](http://ubuntuforums.org/showthread.php?t=430312) post. It automatically detects that I'm the current user (say, user1), and mounts those sshfs entries in /etc/fstab using my username. Not sure why the X forwarding is not honored here. It must have to do with the ssh_command option in /etc/fstab... – Vinh Nguyen Jan 21 '12 at 23:38
  • You can add to sshcmd, before the sshfs command, `whoami >> /tmp/sshfs.whoami` to see who's actually running the script. And add `echo $OPT >> /tmp/sshfs-params.txt` to the line just after `for ...`. It could be that there are still some params to clean out. Anyway, the examples I've given work for me, so I'm not sure what's different in your setup. – Manwe Jan 22 '12 at 00:01
  • whoami file shows my username, OK. param files shows a single argument: sftp. I was expecting "-X -Y -C". Is this correct? When I do `ps aux | grep sshfs`, I see my command:`myserver.com: /mnt/myserver -o rw,nosuid,nodev,fsname=sshfs#me@myserver.com:,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,ssh_command=/path/to/bin/sshcmd -Y -X -C`. I think the `-Y -X -C` arguments are ignored, is it not? – Vinh Nguyen Jan 22 '12 at 15:45
  • Try hardcoding params to sshcmd by adding `ADD_OPTIONS=( '-C' '-X' '-Y' )` to it. Other than that I cannot guess what's the problem – Manwe Jan 22 '12 at 16:12
  • Hardcoding into sshcmd also does not work...weird. Let me test with a different server and report back later. – Vinh Nguyen Jan 22 '12 at 16:29
  • With a different server, same results: X windows not forwarded, and only "sftp" shows up in the params file. I'm quite sure the arguments are passed correctly as it also shows only "sftp" when I do a manual mount per your original solution. Is one of the other options in my /etc/fstab (like "BatchMode=yes") conflicting? When I launch a window in ssh on the server, it can't find the display. I'm also quite sure that the same ssh connection is being shared. Any other suggestions? I appreciate all the help you are offering. – Vinh Nguyen Jan 22 '12 at 19:32
  • Edit your automount script with this line: `{ sudo -u "$mp_uid" sh -c "mount $mp" &&` to include `-i` like `{ sudo -u "$mp_uid" -i sh -c "mount $mp" &&`. The -i option to sudo will bring your login env to the sshfs command. At this point I cannot guess what else could be wrong, if it works when you do 'mount /your/mount/point'. And the add_options has to be before the `exec` line. – Manwe Jan 23 '12 at 08:06
  • Adding `-i` did not fix it. A manual sshfs command works (X windows forwarded), yet the automount script does not. What else is wrong? Is it not picking up environment variables that point at my current X window display? – Vinh Nguyen Jan 24 '12 at 23:50
  • You can't do it in `/etc/fstab` because during boot there is no X server running yet. – Rufflewind Nov 05 '14 at 21:02
1

Try this:

```
sshfs -ossh_command="ssh -A me@host1_wan_ip ssh $@" me@host2_lan_ip:/ /media/me/mount1
```

diyism
0

Yesterday I had exactly the same problem. I've modified sshcmd so that now it also tries to contact the user's ssh-agent. Thanks Manwë!

```bash
#!/bin/bash
# Open an ssh connection as a given user, thus using his/her authentication
# agent and/or config files.
: ${ADDOPTS:="-2Ax"}
: ${LOCAL:="kreator"}
# Pick the last agent socket owned by that user; the pattern is quoted so
# that find, not the shell, expands it.
export SSH_AUTH_SOCK=$(find /tmp/ssh-* -type s -user "${LOCAL}" -name 'agent*' | tail -1)
# Keep each argument from sshfs as one array element
declare -a options=( "$@" )

# Remove unwanted options
for (( i=0,fin=${#options[*]} ; i < fin ; i++ ))
do
    case ${options[$i]} in
            (-a|-oClearAllForwardings=*)    unset "options[$i]"
                                            ;;
    esac
done

exec /bin/su "${LOCAL}" -c "$(which ssh) ${ADDOPTS} ${options[*]}"
```

kreator
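
Both sshcmd scripts above offer an `su user -c "ssh ..."` form, which joins the options into one string that a second shell then re-parses, so an argument containing spaces or shell metacharacters does not reach ssh as it was given. The sketch below is an added example, not code from either answer: it drops the same sshfs-supplied options but hands the argument vector to ssh unchanged, using `runuser` from util-linux when a target user is set. `SSH_BIN`, `RUN_AS` and `run_ssh_filtered` are names assumed for the example.

```sh
#!/bin/sh
# Added example, not the answers' own code. SSH_BIN, RUN_AS and
# run_ssh_filtered are assumed names for this sketch.
SSH_BIN=${SSH_BIN:-ssh}   # binary that receives the cleaned argument list
RUN_AS=${RUN_AS:-}        # local account to switch to when root runs the mount (fstab)

run_ssh_filtered() {
    # Rebuild "$@" in place: each argument is shifted off the front and
    # appended again unless it is one of the options sshfs adds to turn
    # forwarding off.
    for arg do
        shift
        case $arg in
            -x|-a|-oClearAllForwardings=yes) ;;   # dropped
            *) set -- "$@" "$arg" ;;              # kept, still one argument
        esac
    done
    if [ -n "$RUN_AS" ]; then
        # The arguments go to ssh as an argv array; no shell re-parses them,
        # unlike su -c "ssh ...".
        exec runuser -u "$RUN_AS" -- "$SSH_BIN" "$@"
    fi
    exec "$SSH_BIN" "$@"
}

# sshfs always calls the wrapper with arguments (host, -s sftp, ...).
if [ "$#" -gt 0 ]; then
    run_ssh_filtered "$@"
fi
```

`runuser` only works when the wrapper itself runs as root; leave `RUN_AS` empty when the mount is already performed by the right user.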