Mount a remote file system using SSHFS [closed]

Question

Ok, the setup is a bit convoluted. Don't blame me, I'm not the sysadmin.

Here's the situation. There is one machine that I can SSH into from outside the network. I can only remote in as root (yes, you heard right) using my private key. I know that it is more typical to log in as a user and then elevate privileges, but in this case, I have to do the opposite.

The problem is that I want to use SSHFS in order to mount the file system remotely. I have this working perfectly. However, I don't want every file that I muck with to reflect root permissions. I would like to de-elevate first (su to a user account).

Anyone know how I can do this with SSHFS?

Answer 1

You can create a script to intercept the call to the sftp subsystem on the remote machine. Put the following script somewhere on the remote server, let's say /root/bin/sftp_intercept:

#!/bin/sh
exec sudo -u less_privileged_user /usr/lib/openssh/sftp-server

and then make the call like so:

sshfs root@remote:dir mountpoint -o sftp_server=/root/bin/sftp_intercept

That should then give the desired results.

You'll need an apropriate sudoers entry to make sudo work without it prompting for a password, and don't forget to "chmod 755 ~/bin/sftp_intercept".

Also, make sure that /usr/lib/openssh/sftp-server is indeed the path to the sftp-server. If not, then perhaps it is /usr/lib/sftp-server.

Answer 2

The sshfs manpage suggests that passing

-o uid=$YOURUID -o gid=$YOURGID

to your sshfs invocation should set the user/group of the files you create to that uid/gid. You'll need to find these on the remote system, obviously.