Configure the remote ssh server to accept the connection for root with the ED25519 key. Edit your /etc/sshd_config
Port 12345 AllowUsers root PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
In your local PC, create the private and public keys:
root@localhost:~# ssh-keygen -d ed25519 Generating public/private ed25519 key pair. Enter file in which to save the key (/root/.ssh/id_ed25519): Enter passphrase for "/root/.ssh/id_ed25519" (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_ed25519 Your public key has been saved in /root/.ssh/id_ed25519.pub The key fingerprint is: SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx root@mydomain.tld The key's randomart image is: +--[ED25519 256]--+ | ==o =| | oo. o| | .o ..= | | . o. oo*.+| | . . S =.BoBE| |.. . . = + +.B..| |= o . o .. . . | |.B .. . | |. +o... | +----[SHA256]-----+
Append the public key id_ed25519.pub to the remote server's ~/.ssh/authorized_keys file. ssh-copy-id is a program which can do this for you:
root@localhost:~# ssh-copy-id -i ~/.ssh/id_ed25519 -p 12345 root@remoteHost
Now test that the connection is allowed with no password:
root@localhost:~# ssh -p 12345 -l root -i /root/.ssh/id_25519 <remoteHost> Last login: Mon Sep 2 16:04:57 2013 from localhost Linux 2.6.32.10-vs2.3.0.36.29.2-smp. root@remotehost:~#
You can have a quick connection to the remote Host if you setup a ~/.ssh/config file as follow
Host RemoteHost HostName remoteHost.net User root Port 12345 IdentityFile ~/.ssh/id_ed25519
and connecting as
> ssh RemoteHost Enter passphrase for key '/root/.ssh/id_ed25519': Last login: Mon Sep 2 16:04:57 2013 from localhost Linux 2.6.32.10-vs2.3.0.36.29.2-smp. root@remotehost:~#
Now you can mount with sshfs as follows
sshfs RemoteHost:/path/to/remote/folder /path/to/local/mount -F ~/.ssh/config
Mounting remotely with curlftpfs
If ssh is not an option, but you have an ftp connection available. you may want to use curlftpfs to mount the remote folder locally, encrypting the connection with TLS in this way:
curlftpfs -v \
-o ssl_control \
-o no_verify_hostname \
-o no_verify_peer \
-o uid=1000 \
-o gid=100 \
-o umask=022 \
ftp://ftp.mydomain.xyz/ \
/local/mnt/folder/
This command requires that your ftp account was saved in your ~/.netrc file in this way:
> more ~/.netrc machine ftp.mydomain.xyz login myuser password mypass
Take a look to the curlftpfs' man page for details on http://linux.die.net/man/1/curlftpfs.
