SSHFS — A VPN Alternative
I returned to configuring an OpenVPN server in DD-WRT. My previous attempt had failed.
I again ran into unresolved problems. My PPTP VPN connection “just works.” I am not concerned about the various security issues with PPTP. I expect my usage to be limited and used only from trusted secure access points. I do not keep ports open on my LAN until needed, and even then only one open port through which I open additional ports.
Resigned to letting OpenVPN efforts sit idle for a while, I pursued a different way of remotely accessing server files.
With some nominal twists in the command line, I could use SSHFS to connect to remote shares using the same SSH connections and user
To remotely connect to my LAN server I use the following:
remote_server is defined in my
To use SSHFS I slightly modify that command:
sshfs remote_server:/ remote
Where remote is a user $HOME empty mount point. In this example I connect to the root directory of the server, mounted to $HOME/remote.
There is a caveat with this simple $HOME/remote approach. None of my document shortcuts function because the normal LAN file paths are not being used. My work-around is to mount through the root account, which has permissions to mount to the expected network mount point. In my use case this requires using the
Interestingly, SSHFS is a user space file system and with normal usage, root is forbidden from accessing the mount point. That can be configured by using the
user_allow_other option in
/etc/fuse.conf and then using the
allow_root option in the connection command.
sshfs remote_server:/ remote -o allow_root
Once the mount point is established, remote files are treated as local files, much like NFS or Samba shares, or a VPN. This method does not require X forwarding. Local versions of all apps may be used.
Both SSHFS and SSH can be used concurrently.
A pretty slick tool actually. For certain use cases this method negates the need for a VPN connection. This is the case for me and removes the sting of being unable to configure OpenVPN. At least now OpenVPN can be placed on the “rainy day” back burner list of things to do.