How to get automount and sshfs (osxfuse) working with yosemite
FWIW, if anyone else stumbles across this old question, the best guide I have found for mounting sshfs using apple's automounter is here -
http://virtuallyhyper.com/2013/07/mount-various-file-system-with-autofs-on-mac-os-x-mountain-lion/#mount-sshfs-with-autofs
This doesn't require disabling System Integrity Protection, as cron jobs are still working in el captain:
$ crontab -e
*/5 * * * * /usr/local/bin/sshfs 192.168.1.2:/etc /Users/xxx/temp/etc -o uid=$(id -u) -o gid=$(id -g) -o reconnect
For macOS Mojave and latest version of osxfuse, this is the correct daemon file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>sysctl</string>
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>-c</string>
<string>/Library/Filesystems/osxfuse.fs/Contents/Resources/load_osxfuse; /usr/sbin/sysctl -w vfs.generic.osxfuse.tunables.allow_other=1</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
load_osxfuse is now located at /Library/Filesystems/osxfuse.fs/Contents/Resources/load_osxfuse and the correct kernel parameter is vfs.generic.osxfuse.tunables.allow_other
More info at osxfuse wiki
Update 2016-08-03: I found that installing SSHFS from https://osxfuse.github.io is stabler than the homebrew version, because of some old dependency (therefore this may improve in the future).
CAVEAT: This connection is super fast when it works, but often has issues after terminated connects due e.g. wireless, standby.
Assumes you have Homebrew installed (make your life easier and get this first)
Installation of SSHFS
brew install sshfs
Check this folder to see installed file systems: ls /Library/Filesystems
If you don't see osxfusefs.fs, you need to install it.
Get Cask
brew tap caskroom/cask
Install OSXFUSE
brew cask install osxfuse
Alternatively instead of homebrew use the download versions from https://osxfuse.github.io/
SSHFS + OSXFUSE Now Installed. One more step...
autofs needs mount_* binaries.
/usr/local/bin/sshfs should be also available as mount_sshfs, so:
List your mount_*s with
compgen -c | grep ^mount
OR
ls /sbin | grep mount
If you do not see mount_sshfs, the you need to do this step. This is a critical step because it is easily forgotten and may create headaches.
As /sbin is on the system partition you'll need to turn off SIP and remount the partition with the writable attribute.
In Recovery Mode open Terminal and turn off SIP and reboot:
csrutil disable
reboot
Once rebooted, remount the system volume:
sudo mount -uw /
Now you can create the proper symlink:
sudo ln -s $(which sshfs) /sbin/mount_sshfs
Add Autostart at Boot Daemon in /Library/LaunchDaemons/
File could be called:
You need to run this at every boot for the kernel extension:
/bin/bash -c "/Library/Filesystems/osxfuse.fs/Contents/Resources/load_osxfuse; /usr/sbin/sysctl -w vfs.generic.osxfuse.tunables.allow_other=1"
So create a new service file:
/Library/LaunchDaemons/load.osxfusefs.tunables.plist
Contents:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>sysctl</string>
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>-c</string>
<string>/Library/Filesystems/osxfuse.fs/Contents/Resources/load_osxfuse; /usr/sbin/sysctl -w vfs.generic.osxfuse.tunables.allow_other=1</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
Load with launchctl (launchd) for next boot, which is the Mac OS X version of systemctl (systemd)
launchctl load /Library/LaunchDaemons/load.osxfusefs.tunables.plist
Setup auto_master and auto_sshfs
The following assumes you can ssh into your server with a secure key (no password required).
##/etc/auto_master
/mnt/sshfs auto_sshfs -nosuid
##/etc/auto_sshfs
You could use parameters that normally come after the -o in sshfs -o depending on your situation.
- idmap=user: default setting. since your uid and gid is probably different across operating systems, you could just map the user used in the user@ip: to your local (client) user. The group will be ignored in this case (which means folders not owned by you yet grant you read permissions on the server-side group may not be readable locally--on the client side)
OR
-
uid=YOURUSERID, gid=YOURGROUPID: just type id YOURUSER to get the numbers. This will just map all files from the mount to this user/group combination. This will allow you to read all files. I think any new files/folders you create will inherit the default umask settings for whichever folder you mount.
-
allow-other: I use this, but is is risky because any user who browses the mount will view the mount using the credentials used when connecting.
-
list all parameters with
man sshfsand read see each parameter after every-o
replace:
- YOURUSER with your username and
- PRIVATEKEY to your key e.g. id_ed25519
- ip with your ip address or hostname
Contents
Important is the parameter reconnect, otherwise whenever you loose connection (like go to sleep), Finder will crash.
Replace
- $(id -u) with your actual id on client machine
- $(id -g) with your actual group id on client machine
Unfortunately you cannot execute things in autofs like id -u
NameOfMountThatGetsIgnored -fstype=sshfs,port=22,reconnect,uid=$(id -u),gid=$(id -g),follow_symlinks,allow_other,IdentityFile=/Users/YOURUSER/.ssh/PRIVATEKEY,volname="NameOfMount" YOURUSER@ip:/path/on/server
Test
df -Ph /path/to/mount
List mounted filesystems
lsvfs
List all mounts
mount