Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate sshfs slave mode (no need for authentication) #11

Closed
dustymabe opened this issue Mar 26, 2016 · 0 comments
Closed

Investigate sshfs slave mode (no need for authentication) #11

dustymabe opened this issue Mar 26, 2016 · 0 comments

Comments

@dustymabe
Copy link
Owner

In libfuse/sshfs@b3af91b the slave mode was added to sshfs which basically allows sshfs to run without making an ssh connection and just accepting input from stdin and sending output to stdout. This means that you can run reverse sshfs mounts without having to authenticate back to the machine initiating the connection.

An example of using this is in the email the author sent to the list:

The attached patch implements a new mode of operation (slave mode) that
uses the stdin and stdout streams for comunication with the SFTP server.

That mode allows to mount a local file system through SSH into a remote
host as follows:

 $ dpipe /usr/lib/openssh/sftp-server = \
     ssh bar sshfs foo:/ /mnt/foo -o slave

And I am sure it can be (ab)used in several other ways :-)

Cheers,

- Salva

I have a working POC on this and am actively trying to get it polished and ready for merge.
@dustymabe dustymabe mentioned this issue Mar 26, 2016
Closed
dustymabe added a commit that referenced this issue Mar 28, 2016
@dustymabe
synced_folder: convert to using slave ssh mount by default
e02445d 
This commit converts the plugin to default to use sshfs in slave mode [1]
by default. Now the plugin will launch sftp-server on the host machine
and sshfs inside of the guest and wire them together over a host->guest
ssh connection. This means that we no longer have to figure out how to
connect back to the host, authenticate with the host, or even have an ssh
daemon running on the host at all. This greatly simplifies the users life.

For cases where the user was actually connecting to a third party
machine (i.e. not connecting back to the vagrant host) a user can
still do this by specifying :ssh_host in the synced folder options.

Closes #11

[1] libfuse/sshfs@b3af91b
dustymabe added a commit that referenced this issue Mar 30, 2016
@dustymabe
synced_folder: convert to using slave ssh mount by default
ad4f821 
This commit converts the plugin to default to use sshfs in slave mode [1]
by default. Now the plugin will launch sftp-server on the host machine
and sshfs inside of the guest and wire them together over a host->guest
ssh connection. This means that we no longer have to figure out how to
connect back to the host, authenticate with the host, or even have an ssh
daemon running on the host at all. This greatly simplifies the users life.

For cases where the user was actually connecting to a third party
machine (i.e. not connecting back to the vagrant host) a user can
still do this by specifying :ssh_host in the synced folder options.

Closes #11

[1] libfuse/sshfs@b3af91b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dustymabe