Home

Mounting a Remote Directory through a Gateway using MacFUSE

01 Jun 2008
Posted by Jeet Sukumaran
A firewalled-server that restricts access only through a gateway machine is a reasonable security measure, but it is a pain to have to hop through the gateway everytime you need to transfer files. It also makes it difficult to use local applications to work directly on files on the firewalled server, even if the applications support ssh- and ssftp-based editing protocols. Using a FUSE (Filesystem in Userspace) approach, you can mount a remote directory on a firewalled-server as a local volume (or directory), resulting in seamless and hassle-free access. MacFUSE is a great addition to the OS X system, and, with this, FUSE-based access to a firewalled server is a much simpler alternative to ssh tunnelling. So, here is the recipe on how to mount a remote directory through a gateway:
  1. You will, of course, need to be authorized to access both the gateway (from your local machine) and the server (from the gateway). However, you will also need to set up ssh for passwordless access in both cases (i.e., so that you can ssh from your local machine to the gateway, and from the gateway to the server without being prompted for logins.) This is not difficult to do, and if you google for "ssh passwordless login" you will find a ton of information.
  2. Download and install both MacFUSE and sshfs (get the latest versions for your operating system from the project's home page at http://code.google.com/p/macfuse/).
  3. Create a convenient link to the statically-compiled command-line binary on your system path: 
    sudo ln -s /Applications/sshfs.app/Contents/Resources/sshfs-static /usr/bin/sshfs
    At this point, mounting a remote directory using the ssh protocol itself is fairly straightforward: 
    sshfs user@host:/some/directory /some/mount/point -oreconnect,volname=
    where is the name to be given to the mounted volume. This protocol, though, does not allow access to a firewalled server. To do this, we will need to connect to the firewalled server through the gateway, and we need to wrap up this access in a way that makes it easy to pass to sshfs.
  4. Save the following wrapper script as "/usr/bin/gateway-ssh", setting a+x permissions: 
    #! /bin/sh
ssh  ssh $@
    where is the address of the gateway host.
  5. Now simply use the "-o ssh_command=" option of sshfs: 
    sshfs -o ssh_command="/usr/bin/gateway-ssh" @:/home/ /path/to/mount/dir -oreconnect,volname=
    where and is the address and your login, respectively, to the firewalled server. And that's it! It does not pop up on your desktop, but you can see it if you open your computer. You could use the "-o local" option for more Finder-friendly behavior: 
    sshfs -o ssh_command="/usr/bin/gateway-ssh" @:/home/ /path/to/mount/dir -oreconnect,volname= -o local
  6. To unmount: 
    umount /path/to/mount/dir
Tags:

Post new comment

The content of this field is kept private and will not be shown publicly.
CAPTCHA
This question is for testing whether you are a biological visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.