.comment-link {margin-left:.6em;} <$BlogRSDURL$>

Monday, December 01, 2008

Auto mounting an sshfs volume at login on OS X Leopard 10.5.5 using MacFuse 

If you maintain a remote machine, it can be really useful to mount that machine's filesystem locally to move files around. MacFuse and sshfs make this really easy, although getting it set up and mounted automatically at login can be a bit tricky.

First, make sure you can ssh to your remote machine without entering a password. Do the setup in http://ormset.no/wordpress/2007/10/28/leopard-finally-supporting-ssh-agent-at-login/ and verify that it works:

ssh USER@HOSTNAME:

If it logged you in without prompting for a password or passkey, you're ready to proceed.

Next, install sshfs and MacFuse as per http://emmby.blogspot.com/2008/12/installing-sshfs-19-with-macfuse-17-on.html

Figure out where you want to mount your remote volume. I wouldn't recommend using /Volumes since it appears that OS X automatically deletes directories in there when you unmount things. So instead I used /mnt/HOSTNAME

mkdir -p /mnt/HOSTNAME

(Obviously, you'll replace HOSTNAME with whatever your remote server's name is)

Then make sure you can mount your remote site as a volume without specifying a password using sshfs:

sshfs USER@HOSTNAME:PATH /mnt/HOSTNAME -oreconnect,allow_other,volname=VOLUME_NAME

Set VOLUME_NAME to whatever you want your volume to be named in the Finder. I used HOSTNAME. PATH is optional, set it to whichever directory you want to mount on the remote host. If it's not set, it'll use your home directory.

If you get no error messages and when you do an "ls /mnt/HOSTNAME" the remote files show up, then you're ready to proceed to the next step.

Unmount the volume you just mounted:

umount /mnt/HOSTNAME


Now comes the tricky party. You'll need to create a LaunchAgent item to mount your volume at login. This in itself is pretty easy. However, if your system is anything like mine, this item won't have its SSH_AUTH_SOCK set properly so it won't be able to login to the remote host without using a password. You'll have to manually set the SSH_AUTH_SOCK yourself.

First, create a wrapper around sshfs that will set the SSH_AUTH_SOCK for you. Put this in a file wherever you want, I suggest /opt/local/bin/sshfs-authsock

#!/bin/bash
export SSH_AUTH_SOCK=$( ls -t /tmp/launch-*/Listeners | head -1)
/opt/local/bin/sshfs $*

Basically, this file sets SSH_AUTH_SOCK to the most recent socket in your tmp directory. In most cases, this should be the proper one. It's unlikely to fail, and there's no security issue if it does.

Now you can finally create the launchd plist file. Put this in ~/Library/LaunchAgents/BACKWARDS_HOST_DNS.PATH.sshfs.plist

(if your host's path is, say, foo.niskala.org and your PATH was /tmp, then your resulting filename would be org.niskala.foo.tmp.sshfs.plist. This is just a convention, feel free to name the file whatever you want really, but it does need to end in .plist)



<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>BACKWARDS_HOST_DNS.PATH.sshfs</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/bin/sshfs-authsock</string>
<string>USER@HOSTNAME:</string>
<string>/mnt/HOSTNAME</string>
<string>-oreconnect,allow_other,volname=VOLUME_NAME</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>


Now load the plist file and run it to see if it works.

launchctl load ~/Library/LaunchAgents/BACKWARDS_HOST_DNS.PATH.sshfs
launchctl start BACKWARDS_HOST_DNS.PATH.sshfs

If you see no error messages, see if the volume was mounted properly:

ls /mnt/HOSTNAME

If your remote files show up, then great! You're done!

If not, use "launchctl unload ~/Library/LaunchAgents/BACKWARDS_HOST_DNS.PATH.sshfs" to unload the file before making edits to it, then use "ps auxwww | grep sshfs" and "kill" to find and kill any sshfs processes before trying again.

Hope this helps.

References

Comments: Post a Comment


This page is powered by Blogger. Isn't yours?