Also, the line with the echo should be in the same file, it’s not separate.

(Bad formatting on my part, sorry. Would be easier with a preview.)

Of course I did some more digging… And even though I’m the only one using this on my computers, I did find a way to accomplish this for a multi-user environment, using executable maps. It assumes that the different users on your local machine are also different users on each remote machine, which to me seems natural. Also, same as with the original method, I don’t know how secure this is.

Anyway, in /etc/auto.master, I have:

/mnt/sshfs /etc/auto.sshfs --timeout=60


and in /etc/auto.sshfs, I have:

#!/bin/bash
# This file must be executable to work! chmod 755!
key="${1/%:/}"
user="${key/@*/}"
server="${key/*@/}"
mountopts="-fstype=fuse,rw,nodev,nonempty,noatime,allow_other,max_read=65536,follow_symlinks,uid=\$UID,gid=\$GID,UserKnownHostsFile=\$HOME/.ssh/known_hosts,IdentityFile=\$HOME/.ssh/id_rsa"

echo "$mountopts :sshfs\#${user}@${server}\:"

Note the \$UID, \$GID and \$HOME (escaped so bash won’t perform substitution), which will be replaced by autofs with the relevant parameters of the user that requested the automount.
Also note that /etc/auto.sshfs must be an executable map:

chmod 755 /etc/auto.sshfs


Now, I can say as an ordinary user with local username soemraws:

cd /mnt/sshfs/remotename@some.remote.system.com

and through the magic combination of executable maps and variable expansion, I have my homedir as user remotename on the system some.remote.system.com, with the local UID and GID. Note that I use id_rsa as the identity file of the calling user, so all users should do the same. Of course, you could tell your users to symlink their identity to ~/.ssh/identity and use that in IdentityFile.

In my local homedir, I can make symbolic links to /mnt/sshfs/… and other users can as well. As you see, as long as two different local users are also two different users on the remote system, there is no clash of directory names in /mnt/sshfs, since the key is user@remote.

If you require tunnels to be setup, you can expand /etc/auto.sshfs to look for specific files in the user’s home dir. Since /etc/auto.sshfs is a bash script, the sky is the limit!

Cipher=”blowfish”,idmap=user,

in between all the other options in each line in /etc/auto.sshfs

Grazie!

I just wish the SSHFS protocol was a bit faster :) (I know server speed is involved, but it seems slower than it should be).

According to the ssh-agent Wikipedia article, ssh-agent creates a socket in /tmp that could be used by root to decrypt an ssh challenge response.

So shouldn’t it be possible to have autofs do this? With fuse Autofs you can pass any ssh option you want, so a good starting point would be to see if you can get the root user to open up ssh connections using the non-priv user’s key.

After that autofs wildcards would be cool. The goal being a directory in my home dir where any directory you change into automatically attempts to make an sshfs mount point to that machine.