Operating Systems 2017F: Tutorial 8

From Soma-notes
Revision as of 00:05, 24 November 2017 by Soma (talk | contribs) (Created page with "In this tutorial you will be learning about [http://www.openssh.org ssh (openssh)] and [http://fuse.sourceforge.net/sshfs.html sshfs], a network filesystem built on [http://fu...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

In this tutorial you will be learning about ssh (openssh) and sshfs, a network filesystem built on FUSE.

Setup

Install the openssh-server and sshfs packages:

sudo apt-get install openssh-server sshfs

Create a second user in the virtual machine named "other" (or any other name you wish to use):

sudo adduser other

(Answer the subsequent prompts however you wish, just remember the password.)

At this point you should be able to log in to the "other" account using ssh:

ssh other@localhost


Remote filesystems using sshfs

To mount the other user's files (as the user student) in a directory called "otherfiles", do the following:

mkdir otherfiles
sshfs other@localhost: otherfiles

To unmount the filesystem:

fusermount -u otherfiles


Public key authentication and ssh

Create a public key file for the student user:

ssh-keygen

(Accept the default filename and choose at least a simple passphrase.)

You just created a certificate! (A certificate is just a public key with metadata.)

Copy the key to the other account:

cat ~/.ssh/id_rsa.pub >> authorized_keys
scp authorized_keys other@localhost:.
rm authorized_keys
ssh other@localhost
(as user other)
mkdir ~/.ssh (if it doesn't exist already)
chmod 700 ~/.ssh  (make it private)
mv ~/authorized_keys ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Now you can log in to user other by typing in the passphrase you used to lock the key you generated.

To avoid entering this passphrase every time, you can give it to the authentication agent (generally, ssh-agent) that was started when you logged in:

 ssh-add

Note I expect the above to be a bit confusing. Do look around for resources on public key cryptography; however, you may find that playing around with ssh authentication may help you understand things better. In particular, try using "-v" (verbose) with ssh.

Things to explore before the end of tutorial

  • Look at the hard link counts of files locally and compare those to the link counts over sshfs. How do they compare?
  • Can you access sshfs mounted files as root? (You can become root by typing "sudo su -".) What happens?
  • Look at inode numbers in local and remote filesystems (as reported by ls -i). How do they compare?
  • dd a large file to local drive. Do same thing over sshfs. Which is faster?
  • Can you sshfs to the SCS systems (e.g., access.scs.carleton.ca)?
  • Setup password-less login to the SCS system (and then undo it).

You should be able to do all of the above before you leave tutorial.