Photon OS with sshfs from source
Today I had reason to build a Photon OS image with sshfs installed. I built this in my VMware Fusion environment where I’m playing with writing code for Photon. Using sshfs lets me mount my MacBook Pro’s workspace files inside Photon in a cheap and light weight way.
This post is a record of what I did to set that up. If there’s a definitive guide, please go see that. I’m not saying this is necessarily the best way to do things I just felt like trying this out.
NOTE: I chose to build from source, because reasons. If by the time you’re reading this there’s a yum package for sshfs … use that instead! And I’m experimenting with packages for Photon so you find I’m presuming that a lot of stuff is installed. I’ve tried to cover most of the dependencies but I might have missed something.
$ sudo yum list > ~/yum_list.txt
Most of my command prompts look like:
hartsocks@photon-48c69818170f [ ~/workspaces/sshfs ]$
… but I’ve trimmed that for brevity.
dependencies: glibc-devel, fuse-devel, libconfig
$ sudo yum install glibc-devel.x86_64
$ sudo yum install fuse-devel.x86_64
$ sudo yum install libconfig.x86_64
Obtain Source for sshfs
$ git clone https://github.com/libfuse/sshfs.git
$ cd sshfs
at the time of this writing, the ./configure file was missing so I had to generate it for the project.
$ autoreconf -i
once generated you can configure the project for build
… if you see …
sshfs.c:12:18: fatal error: fuse.h: No such file or directory
… oops! go back and get fuse-devel installed …
$ sudo make install
make: Entering directory ‘/home/hartsocks/workspaces/sshfs’
/usr/bin/mkdir -p ‘/usr/local/bin’
/usr/bin/install -c sshfs ‘/usr/local/bin’
/usr/bin/mkdir -p ‘/usr/local/share/man/man1’
/usr/bin/install -c -m 644 sshfs.1 ‘/usr/local/share/man/man1’
make: Leaving directory ‘/home/hartsocks/workspaces/sshfs’
… now use sshfs to mount your remote file system!
mount the remote directory
Create a local Photon OS directory to mount the remote SSH directory on to…
hartsocks@photon-48c69818170f [ ~ ]$ mkdir -p workspaces/remote
You’ll have to enable remote login on your Mac (or windows, or linux box, or what have you).
Mount the remote file system on the local file system with just SSH!
$ sudo sshfs \
-o allow_other \
Note: the fully qualified path, the ~ short cut does not seem to work. You should also note that sshfs needs the username in its mount point URI so that it knows what user to auth as. I tried to pare down this command, but that’s about as short as it gets before things break.
Optional: using SSH keys
First generate a key for the Photon OS instance and make it an authorized key on your Mac. If you want to have a password-less login you’ll need to create your SSH key without a passphrase.
NOTE: Only move around *.pub files never move private keys!
$ scp .ssh/id_rsa.pub laptop:~/photon_id_rsa.pub
$ ssh hartsocks@laptop
# shelled over to the laptop now
shartsock-mbpro:~ hartsocks$ cat photon_id_rsa.pub >> \
.ssh/authorized_keys && rm photon_id_rsa.pub
# back on the Photon instance
Now with the keys shared you can write the mount command like this:
$ sudo sshfs \
-o allow_other -o IdentityFile=~/.ssh/id_rsa \
Note: The -o IdentityFile in the version of sshfs I was using, you have to use separate -o for each option or the CLI parser does not seem to see all the options.
Now you can mount the remote file system inside Photon OS via SSH and secure both ends by managing authorized SSH keys.