Arch Linux

dabd

Member

Registered: 2008-11-17

Posts: 109

Editing remote files with sshfs as another user

I can 'sudo su - otheruser' in another machine and I would like to edit some files as 'otheruser' on that machine using sshfs.
Is there some way to achieve this?

Thanks.

Xyne

Administrator/PM

Registered: 2008-08-03

Posts: 6,963

Website

Re: Editing remote files with sshfs as another user

Hmmm. If I've understood the problem, I think I have a solution.

You're user "foo" on a remote machine.
You can change to user "bar" using "sudo su - bar" but you can't log in via ssh as user "bar".
You want to use sshfs to edit files on the remote machine as if you were "bar".
You can't edit the files via sshfs as user "foo" because you don't have the right permissions (you would need sudo).

Possible solution:
Install "bindfs" on the remote machine.
Log in via ssh as user "foo" and change to user "bar".
Use bindfs to mount the desired directory with write permissions for "foo".
Use sshfs to access the mounted directory on the remote machine.

I think the bindfs command would be

bindfs --user bar --mirror-only foo /path/to/dir /path/to/mountpoint

Anything that you do in /path/to/mountpoint via sshfs should be translated to /path/to/dir as if you were "bar". I haven't tested it though.

---

My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone

firecat53

Member

From: Lake Stevens, WA, USA

Registered: 2007-05-14

Posts: 1,542

Website

Re: Editing remote files with sshfs as another user

Heh, I actually just figured this out yesterday -- it's not that hard. Well, if I understand your question correctly, at least

For example: Localhost -- user 'alpha'
Remote host (named 'remote') -- user 'bravo'. You need to have ssh access for user 'bravo', so for example in your .ssh/config you might have:

Host remote
HostName remotehost.dyndns.org
User bravo
Port 3500

So normally to ssh in to 'remote' you would just type 'ssh remote' and then enter password or passphrase (I recommend ssh-agent so you don't need to retype these all the time!).

Next make your mountpoint and make sure you CHMOD 777!! This was the part that got me stuck for a long time at first. So:

mkdir /mnt/remote && chmod 777 /mnt/remote

Then to mount the remote share with sshfs, as your normal user 'alpha':

sshfs -o idmap=user remote:/home/bravo /mnt/remote

The key part is the 'idmap=user'. That translates your username into the remote username and vice versa.  Now you can use your choice of tools to manipulate the files in /mnt/remote as user 'alpha', and they will be owned by user 'bravo' on the remote machine.

Then to unmount:

fusermount -u /mnt/remote

That's it!

Good luck!
Scott

Last edited by firecat53 (2010-11-05 03:11:01)

---

Github

dabd

Member

Registered: 2008-11-17

Posts: 109

Re: Editing remote files with sshfs as another user

That is exactly my situation. Thanks a lot for the suggestion!  However, I have to convince our sysadmin to install bindfs on the remote machine...

Hmmm. If I've understood the problem, I think I have a solution.

You're user "foo" on a remote machine.
You can change to user "bar" using "sudo su - bar" but you can't log in via ssh as user "bar".
You want to use sshfs to edit files on the remote machine as if you were "bar".
You can't edit the files via sshfs as user "foo" because you don't have the right permissions (you would need sudo).

Possible solution:
Install "bindfs" on the remote machine.
Log in via ssh as user "foo" and change to user "bar".
Use bindfs to mount the desired directory with write permissions for "foo".
Use sshfs to access the mounted directory on the remote machine.

I think the bindfs command would be

bindfs --user bar --mirror-only foo /path/to/dir /path/to/mountpoint

Anything that you do in /path/to/mountpoint via sshfs should be translated to /path/to/dir as if you were "bar". I haven't tested it though.

Last edited by dabd (2010-11-05 11:36:36)

dabd

Member

Registered: 2008-11-17

Posts: 109

Re: Editing remote files with sshfs as another user

The problem is that I don't have ssh access for user 'bravo'... Thanks for the suggestion!

Heh, I actually just figured this out yesterday -- it's not that hard. Well, if I understand your question correctly, at least

For example: Localhost -- user 'alpha'
Remote host (named 'remote') -- user 'bravo'. You need to have ssh access for user 'bravo', so for example in your .ssh/config you might have:

Host remote
HostName remotehost.dyndns.org
User bravo
Port 3500

So normally to ssh in to 'remote' you would just type 'ssh remote' and then enter password or passphrase (I recommend ssh-agent so you don't need to retype these all the time!).

Next make your mountpoint and make sure you CHMOD 777!! This was the part that got me stuck for a long time at first. So:

mkdir /mnt/remote && chmod 777 /mnt/remote

Then to mount the remote share with sshfs, as your normal user 'alpha':

sshfs -o idmap=user remote:/home/bravo /mnt/remote

The key part is the 'idmap=user'. That translates your username into the remote username and vice versa.  Now you can use your choice of tools to manipulate the files in /mnt/remote as user 'alpha', and they will be owned by user 'bravo' on the remote machine.

Then to unmount:

fusermount -u /mnt/remote

That's it!

Good luck!
Scott

Xyne

Administrator/PM

Registered: 2008-08-03

Posts: 6,963

Website

Re: Editing remote files with sshfs as another user

That is exactly my situation. Thanks a lot for the suggestion!  However, I have to convince our sysadmin to install bindfs on the remote machine...

If you can't use bindfs then maybe you could do this with 2 bash scripts.

sshfs_up.hs

#!/bin/bash
remote_dir="$1"
ssh foo@host "sudo chown -R foo '$remote_dir'"
sshfs foo@host:"$remote_dir" mountpoint

sshfs_down.hs

#!/bin/bash
remote_dir="$1"
fusermount mountpoint
ssh foo@host "sudo chown -R bar '$remote_dir'"

Usage:

sshfs_up.hs
<do what you need to do with the files>
sshfs_down.hs

If recursively chowning the files isn't safe, then maybe this would work (possibly with some tweaking):

sshfs_up.hs

#!/bin/bash
remote_dir="$1"
ssh foo@host "rsync '$remote_dir' /path/to/some/dir"
sshfs foo@host:/path/to/some/dir mountpoint

sshfs_down.hs

#!/bin/bash
remote_dir="$1"
fusermount mountpoint
ssh foo@host "sudo -u bar rsync --update /path/to/some/dir '$remote_dir'"

If rsync isn't available then you could accomplish this with a custom bash script that updates modified files.

---

My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone

dabd

Member

Registered: 2008-11-17

Posts: 109

Re: Editing remote files with sshfs as another user

Xyne: excelent ! thanks