Remember the Users
RSS imageAbout About Me

The ongoing challenge of using free/libre software.

SSHFS — A VPN Alternative

I returned to configuring an OpenVPN server in DD-WRT. My previous attempt had failed.

I again ran into unresolved problems. My PPTP VPN connection “just works.” I am not concerned about the various security issues with PPTP. I expect my usage to be limited and used only from trusted secure access points. I do not keep ports open on my LAN until needed, and even then only one open port through which I open additional ports.

Resigned to letting OpenVPN efforts sit idle for a while, I pursued a different way of remotely accessing server files.

SSHFS.

I already had SSH access to my router, server, and office desktop using port forwarding. Through these SSH connections I could run a VNC session as well.

With some nominal twists in the command line, I could use SSHFS to connect to remote shares using the same SSH connections and user $HOME/.ssh/config file.

To remotely connect to my LAN server I use the following:

ssh remote_server

Where remote_server is defined in my $HOME/.ssh/config file.

To use SSHFS I slightly modify that command:

sshfs remote_server:/ remote

Where remote is a user $HOME empty mount point. In this example I connect to the root directory of the server, mounted to $HOME/remote.

There is a caveat with this simple $HOME/remote approach. None of my document shortcuts function because the normal LAN file paths are not being used. My work-around is to mount through the root account, which has permissions to mount to the expected network mount point. In my use case this requires using the nonempty option.

Interestingly, SSHFS is a user space file system and with normal usage, root is forbidden from accessing the mount point. That can be configured by using the user_allow_other option in /etc/fuse.conf and then using the allow_root option in the connection command.

sshfs remote_server:/ remote -o allow_root

Once the mount point is established, remote files are treated as local files, much like NFS or Samba shares, or a VPN. This method does not require X forwarding. Local versions of all apps may be used.

Both SSHFS and SSH can be used concurrently.

A pretty slick tool actually. For certain use cases this method negates the need for a VPN connection. This is the case for me and removes the sting of being unable to configure OpenVPN. At least now OpenVPN can be placed on the “rainy day” back burner list of things to do.

Posted: February 22, 2017 Category: Tutorial, Usability Tagged: DD-WRT, General

Next: Finding A New Desktop Distro

Previous: Configuring an OpenVPN Server in DD-WRT — 2

No cookies, no JavaScript, no Flash, no ads, no tracking. Just a blog.

Remember the Users
RSS imageAbout About Me