May 05, '08 07:30:00AM • Contributed by: jeetsukumaran
In my situation, however, the remote directory that I wanted to access was on a firewalled server that only allowed access through other machines on the some local network. I had access to various gateway machines, so access as such was not a problem, but it was a pain to have to hop through the gateway each time I need to transfer files to the firewalled server. Also, I could not use local applications to work on directly on files on the server, even if they supported ssh- and sftp-based editing.
I messed around with trying to set up an ssh tunnel, but got nowhere. When I finally turned to MacFUSE as an alterntive, I had everything set up and running within minutes.
You will, of course, need to be authorized to access both the gateway (from your local machine) and the server (from the gateway). However, you will also need to set up ssh for passwordless access in both cases (i.e., so that you can ssh from your local machine to the gateway, and from the gateway to the server without being prompted for logins). This is not difficult to do, and if you google for ssh passwordless login, you will find a ton of information. After you have the password-free ssh connections working, download MacFUSE and sshfs, and install both. Create a convenient link to the statically-compiled command-line binary on your system path:
sudo ln -s /Applications/sshfs.app/Contents/Resources/sshfs-static /usr/bin/sshfs
Now, mounting a remote directory using the ssh protocol itself is fairly straightforward:
sshfs user@host:/some/directory /some/mount/point -oreconnect,volname=volume_name
The trick is getting to the firewalled server. The solution is to execute the ssh command remotely from the gateway machine.
To do this, save the following wrapper script as /usr/bin/gateway-ssh, and set it executable (chmod a+x scriptname) permissions:
#! /bin/sh
ssh gateway.host.ip ssh $@
Now simply use the -o ssh_command= option of sshfs:
The connected server does not pop up on your desktop, but you can see it if you open your Computer window. You could use the -o local option for more Finder-friendly behavior:
[robg adds: I haven't tested this one.]
