This tutorial will show you how to install the SSHFS client on Linux and how to mount a Storage Box.
Installing SSHFS
SSHFS is Linux based software that needs to be installed
Ubuntu / Debian
apt update apt install sshfs
RHEL & Centos
yum install sshfs
Mounting a Storage Box
To mount a remote directory the SSH user needs to be able to access it. The SSHFS mount command takes the following form:
sshfs <username>@<username>.your-storagebox.de: /mnt/
If you want to permanently mount the remote directory you need to edit the local machine’s /etc/fstab file an add a new mount entry. When creating a persistent mount make sure you can connect the remote host using the SSH key-based authentication.
Open fstab file
nano /etc/fstab
Scroll to the bottom of the file and add the following entry
<username>@<username>.your-storagebox.de: /mnt/ fuse.sshfs defaults 0 0
Unmounting a Remote File System
fusermount -u /mnt
SSH key authentication for storage boxes
If you use SCP, SFTP, rsync or BorgBackup, you can log in using SSH key authentication without entering a password.
Important note: Depending on the SSH port of the backup account/storage box you use, you may need to use a specific format for the public SSH key. For SSH port 22 (SFTP and SCP only), you are required to use a public SSH key in RFC4716 format. For SSH port 23 (SFTP, SCP, rsync and BorgBackup) you are required to use a common public SSH key in OpenSSH format. If you want to use the services over both ports, then you must store the public SSH key in both formats.
Using an ed25519 key is not supported on SSH port 22.
Please note that each sub-account requires its own authorized_keys file.
Generating SSH keys
You can use ssh-keygen to generate a new pair of SSH keys:
ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: cb:3c:a0:39:69:39:ec:35:d5:66:f3:c5:92:99:2f:e1 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | . = | | . S = * o | | . = = + + = | | X o = E . | | o + . . . | | . | +-----------------+
Creating authorized_keys file
Insert the required public SSH keys into a new local authorized_keys file.
For SSH over port 23 (SCP, SFTP, Rsync and Borg Backup), add the public SSH key in OpenSSH format:
server> cat .ssh/id_rsa.pub >> storagebox_authorized_keys
If you converted your public SSH key to RFC4716 format in the previous step, add it as well:
server> cat .ssh/id_rsa_rfc.pub >> storagebox_authorized_keys
You can also add the public SSH key in both formats.
Uploading authorized_keys
Now you need to upload the generated authorized_keys file to the storage box/backup account. To do this, create the directory .ssh with the file rights 0700 (rwx——) and create the file authorized_keys with the public SSH keys and the file rights 0600 (rw——-).
You can do this with the following command, for example:
server> echo -e "mkdir .ssh \n chmod 700 .ssh \n put storagebox_authorized_keys .ssh/authorized_keys \n chmod 600 .ssh/authorized_keys" | sftp <username>@<username>.your-storagebox.de [email protected]'s password: Connected to u12345.your-storagebox.de'. sftp> mkdir .ssh sftp> chmod 700 .ssh Changing mode on /.ssh sftp> put storagebox_authorized_keys .ssh/authorized_keys Uploading storagebox_authorized_keys to /.ssh/authorized_keys storagebox_authorized_keys 100% 2916 2.0MB/s 00:00 sftp> chmod 600 .ssh/authorized_keys Changing mode on /.ssh/authorized_keys
Based on which SSH key format you have uploaded you should be able to log in without a password on port 22 and/or 23:
sftp -P <22 or 23> <username>@<username>.your-storagebox.de Connected to <username>.your-storagebox.de. sftp> quit
Warning: The ssh-copy-id command cannot be used to upload the public SSH key.