Adding a SSH Share Using SSHFS and Viewing Netstat

I just want to doc the basics of this and will add as I find more info, with the initial overview coming from:

http://www.howtogeek.com/howto/ubuntu/how-to-mount-a-remote-folder-using-ssh-on-ubuntu/

Beware the line for changing ownership of /dev/fuse or any other fuse related commands at that link for Ubuntu!

My Mint PC lost my user mdm (mint desktop manager) access so now I cannot log in to my user desktop!

I still haven't fixed it yet!

I found I did NOT need to do any other than install sshfs in both Mint and Raspbian for sshfs to work and create a share on a remote host by opening a SSH session, so I don't know why the geek site had to chown /dev/fuse etc, but then I don't use Ubuntu.

SSHFS works for a local network shared PC and the Internet.

To solve the issue of Motion sending large appended time-lapse films - which is their nature - you can create real time .avi files instead and access them remotely by still sending them manually as a sendemail attachment if you want of course, from the command line, after getting an SSH session going, or using SSHFS to create a local directory of the remote share.

You only need the -o nonempty switch if the share has sub-directories.

This is of the form:

$ sshfs root@pinoir:/Share/motion/ /remotenoir -o nonempty

First:

apt-get install sshfs

Open a SSH session to the remote PC:

ssh user@80.x.x.x

password etc.

Organise your remote directory structure how you want that will mount to a local directory - where depends on who you are, whether root etc. e.g.

On the local PC create a local mount point for the remote share e.g.:

mkdir /home/stevee/Remblanc/

The command form is then:

sshfs root@80.x.x.x:/Share/motion/ /home/stevee/Remblanc/ -o nonempty

I don't like using commands relating to the (~) pwd, I use full paths as I find it less confusing, so the /home/stevee/Remblanc/ part of the above command is the LOCAL PC dir where the remote share will mount to.

The "/Share/motion" part of the command is for the /Share existing on the root dir of the remote linux PC, but note there is no space between the "user@address:/Share" part of the command.

When run, this just mounts the remote directory by opening a new SSH session - great!

Files on the remote PC can then be copied/deleted etc. as any network share like Samba access allows, permissions depending. I did this as root first so I know if the command structure is correct first, and not a permission issue if it failed.

In the case of Motion, I have the Pi cam writing its movies to the /Share/motion directory, so they are visible by samba - Win and Lin PCs locally - so can be viewed with VLC, or deleted etc. by any PC on my home network.

I already opened ports on my router for the Picams streams, so I just added another NAT port for SSH (use a different port than 22 that only you would know for extra security if you like).

I can now copy these to any remote PC I have SSH on, should I receive an email that motion has occurred and wish to view either jpgs or an .avi movie when at work by looking at the file size remotely, and judging if I want copy and view it or not.

You can use GUIs for this too of course, or secure copy (SCP) if you want encryption with a transfer, as shown in the link for Ubuntu GUIs above.

I always like to know the command line ways primarily, should you be dealing with headless servers, and because it's efficient (mostly).

What I found interesting is running netstat -nat - which is numeric, all, tcp - to find the port 22 NAT translation does not show end to end between my work PC and home router, but between a BT server (presumably the last hop gateway to my router) so the Inet address is NOT my home router WAN address that I get from my noip.com DynDNS account. This is confirmed by using a whois service webpage.

$ netstat -nat
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 224 192.168.1.13:22 81.156.224.195:49032 ESTABLISHED
tcp 0 0 192.168.1.13:22 81.156.224.195:49041 ESTABLISHED

IP Address 81.156.224.195
% Abuse contact for '81.154.0.0 - 81.157.255.255' is ''

inetnum: 81.154.0.0 - 81.157.255.255
remarks: *******************************************************************
remarks: * Report abuse via: http://bt.custhelp.com/app/contact/c/346,3024 *
remarks: *******************************************************************
netname: BT-CENTRAL-PLUS
descr: IP pools
country: GB

MintRecPC stevee # netstat nat | grep ssh
tcp 0 0 192.168.1.11:48677 46.59.189.80.dyn.pl:ssh ESTABLISHED

But if you run netstat nat (no - switch) to show NAT translations I believe, though can't find that in the man page or with --help, you DO get PC to router end to end info:

MintRecPC stevee # netstat nat | grep ssh
tcp 0 0 192.168.1.11:48677 x.x.x.80.dyn.pl:ssh ESTABLISHED

They are very different commands if you look at the output or count the output lines between them:

MintRecPC stevee # netstat nat | wc -l
420

MintRecPC stevee # netstat -nat | wc -l
19

These SSH connections can be persistent - they stayed attached even after logging out - I had to reboot to close them.

Comments are closed.

Post Navigation