Configure the remote ssh server to accept the connection for root with the RSA key. Edit your /etc/sshd_config
Port 12345 AllowUsers root PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
In your local PC, create the private and public keys:
root@localhost:~# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa_remoteHost): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa_remoteHost. Your public key has been saved in /root/.ssh/id_rsa_remoteHost.pub. The key fingerprint is: a0:53:33:c5:d1:ea:4c:e2:a1:98:d9:ba:b0:e8:5f:90 root@localhost The key's randomart image is: +--[ RSA 2048]----+ | o++o | | o. . | | . .. | | .oo. | | E.O .S | | * * | |. . o . | |.o. . . | |+.oo | +-----------------+
Append the public key id_rsa_remoteHost.pub to the remote server's ~/.ssh/authorized_keys file. ssh-copy-id is a program which can do this for you:
root@localhost:~# ssh-copy-id -i ~/.ssh/id_rsa_remoteHost -p 12345 root@remoteHost
Now test that the connection is allowed with no password:
root@localhost:~# ssh -p 12345 -l root -i /root/.ssh/id_rsa_remoteHost <remoteHost> Last login: Mon Sep 2 16:04:57 2013 from localhost Linux 2.6.32.10-vs2.3.0.36.29.2-smp. root@remotehost:~#
You can have a quick connection to the remote Host if you setup a ~/.ssh/config file as follow
Host RemoteHost HostName remoteHost.net User root Port 12345 IdentityFile ~/.ssh/id_rsa_remoteHost
and connecting as
> ssh RemoteHost Enter passphrase for key '/root/.ssh/id_rsa_remoteHost': Last login: Mon Sep 2 16:04:57 2013 from localhost Linux 2.6.32.10-vs2.3.0.36.29.2-smp. root@remotehost:~#
Now you can mount with sshfs as follows
sshfs RemoteHost:/path/to/remote/folder /path/to/local/mount -F ~/.ssh/config
Mounting remotely with curlftpfs
If ssh is not an option, but you have an ftp connection available. you may want to use curlftpfs to mount the remote folder locally, encrypting the connection with TLS in this way:
curlftpfs -v \
-o ssl_control \
-o no_verify_hostname \
-o no_verify_peer \
-o uid=1000 \
-o gid=100 \
-o umask=022 \
ftp://ftp.mydomain.xyz/ \
/local/mnt/folder/
This command requires that your ftp account was saved in your ~/.netrc file in this way:
> more ~/.netrc machine ftp.mydomain.xyz login myuser password mypass
Take a look to the curlftpfs' man page for details on http://linux.die.net/man/1/curlftpfs.
