Operating Systems 2014F: Tutorial 9: Difference between revisions
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
In this tutorial you will be learning about [http://www.openssh.org ssh (openssh)] and [http://fuse.sourceforge.net/sshfs.html sshfs], a network filesystem built on [http://fuse.sourceforge.net/ FUSE]. | In this tutorial you will be learning about [http://www.openssh.org ssh (openssh)] and [http://fuse.sourceforge.net/sshfs.html sshfs], a network filesystem built on [http://fuse.sourceforge.net/ FUSE]. | ||
Line 53: | Line 51: | ||
chmod 700 ~/.ssh (make it private) | chmod 700 ~/.ssh (make it private) | ||
mv ~/authorized_keys ~/.ssh | mv ~/authorized_keys ~/.ssh | ||
chmod 600 ~/.ssh/authorized_keys | |||
Now you can log in to user other by typing in the passphrase you used to lock the key you generated. | Now you can log in to user other by typing in the passphrase you used to lock the key you generated. | ||
Line 59: | Line 58: | ||
ssh-add | ssh-add | ||
Note I expect the above to be a bit confusing. Do look around for resources on public key cryptography; however, you may find that playing around with ssh authentication may help you understand things better. In particular, try using "-v" (verbose) with ssh. | |||
===Things to explore before the end of tutorial=== | ===Things to explore before the end of tutorial=== |
Latest revision as of 19:56, 28 November 2014
In this tutorial you will be learning about ssh (openssh) and sshfs, a network filesystem built on FUSE.
Setup
Install the openssh-server and sshfs packages:
sudo apt-get install openssh-server sshfs
Create a second user in the virtual machine named "other" (or any other name you wish to use):
sudo adduser other
(Answer the subsequent prompts however you wish, just remember the password.)
At this point you should be able to log in to the "other" account using ssh:
ssh other@localhost
Remote filesystems using sshfs
To mount the other user's files (as the user student) in a directory called "otherfiles", do the following:
mkdir otherfiles sshfs other@localhost: otherfiles
To unmount the filesystem:
fusermount -u otherfiles
Public key authentication and ssh
Create a public key file for the student user:
ssh-keygen
(Accept the default filename and choose at least a simple passphrase.)
You just created a certificate! (A certificate is just a public key with metadata.)
Copy the key to the other account:
cat ~/.ssh/id_rsa.pub >> authorized_keys scp authorized_keys other@localhost:. rm authorized_keys ssh other@localhost
(as user other) mkdir ~/.ssh (if it doesn't exist already) chmod 700 ~/.ssh (make it private) mv ~/authorized_keys ~/.ssh chmod 600 ~/.ssh/authorized_keys
Now you can log in to user other by typing in the passphrase you used to lock the key you generated.
To avoid entering this passphrase every time, you can give it to the authentication agent (generally, ssh-agent) that was started when you logged in:
ssh-add
Note I expect the above to be a bit confusing. Do look around for resources on public key cryptography; however, you may find that playing around with ssh authentication may help you understand things better. In particular, try using "-v" (verbose) with ssh.
Things to explore before the end of tutorial
- Look at the hard link counts of files locally and compare those to the link counts over sshfs. How do they compare?
- Can you access sshfs mounted files as root? (You can become root by typing "sudo su -".) What happens?
- Look at inode numbers in local and remote filesystems (as reported by ls -i). How do they compare?
- dd a large file to local drive. Do same thing over sshfs. Which is faster?
- Can you sshfs to the SCS systems (e.g., access.scs.carleton.ca)?
- Setup password-less login to the SCS system (and then undo it).
You should be able to do all of the above before you leave tutorial.