Networking from a vm guest to host using sshfs

README.md

Networking from guest to host in a virtual machine

prereqs & assumptions

1. linux guest
   • I used manjaro but it shouldn't matter which distro
   • ssh client with an ssh key in /home/user/.ssh
   • Optional: mosh
2. macos host (this probably works more or less the same way with a linux host also though)
   • sshd on the host, accessible by the guest
   • guest pubkey in authorized_keys for the user (not root!) account
   • if using mosh, forward port 60001 to the guest

howto

ssh connectivity

If you want your ssh sessions to persist after sleeping, you can the ServerAliveInterval option.

I really like mosh for handling unstable connections though. It's available in homebrew. My guest's sshd is listening on port 2222, which is why I used the --ssh option, but you might not need that.

mosh --port 60001:60001 --ssh="ssh -p 2222" macbookpro

Mounting the host filesystem

1. Create directories in /mnt corresponding to what you want to mount on the host.
2. Edit your /etc/fstab as shown in the fstab file in this repo
3. Reboot

Notes on sshfs options

Some of these just pass through to the ssh client meaning they can be useful with regular ssh shell sessions.

yesplz

• -o allow_other

Since we are in fstab, root will do the mounting. This option permits non-root users to access the mounts. Since we are the only user on the machine I did not investigate the security implications of doing this on a multi-user guest.

• -o identityfile=path

This option instructs root to use our ssh key for authentication. of course you will need the corresponding public key in your authorized_keys file in the host.

• -o ServerAliveInterval=n

Instructs the fuse client to drop the connection if it cannot reach the remote host for n seconds. That makes this option very useful for us since sshfs mounts can appear to "hang" if ssh drops the connection when if the system was asleep and therefore the fuse client could not be informed that it's dead.

• -o reconnect

Very useful in combination with the above since it will now also automatically attempt to re-establish a connection after dropping it.

• -o dir_cache=no

Disables the directory cache, which would allow readdir system calls to be performed without network access. This caching probably improves performance over slow networks, but we don't need it. Some kind of middle ground can maybe be found with dcache_* options described in the sshfs manpage, but I didn't try them.

• -o transform_symlinks

The manpage explains this pretty well. Seems to improve the odds that a symlink with an absolute path on the host will resolve correctly.

• -o follow_symlinks

Treats all other symlinks on the host as regular files.

nothx

I looked at these and decided they aren't necessary or helpful for this use case:

• -o direct_io

Disables kernel caching for read() and write() syscalls. I don't really understand how this works at that low a level but it sounds like something that wouldn't help here.

• -o sync_readdir

Legacy behavior. We don't want this. Details in this commit.

• -o sshfs_sync

I think we don't want this. Details in sshfs.c.

fstab

# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system>                             <mount point>           <type>          <options>               <dump>  <pass>
UUID=115ba5b8-c5db-4863-b373-5646c4c0d843   /                       ext4            defaults,noatime        0       1
# binds
/mnt/Documents                              /home/ryan/Documents    none            defaults,bind           0       0
/mnt/Downloads                              /home/ryan/Downloads    none            defaults,bind           0       0
/mnt/Desktop                                /home/ryan/Desktop      none            defaults,bind           0       0
/mnt/src                                    /home/ryan/src          none            defaults,bind           0       0

# sshfs
# USER@HOST:/REMOTE/DIRECTORY               /LOCAL/MOUNTPOINT   fuse.sshfs      <options>                   0       0
ryan@ryan-host:/Users/ryan/Documents        /mnt/Documents      fuse.sshfs      allow_other,x-systemd.automount,_netdev,users,ServerAliveInterval=15,reconnect,dir_cache=no,idmap=user,transform_symlinks,follow_symlinks,identityfile=/home/ryan/.ssh/id_ed25519,default_permissions,uid=1000,gid=1001 0 0
ryan@ryan-host:/Users/ryan/Downloads        /mnt/Downloads      fuse.sshfs      allow_other,x-systemd.automount,_netdev,users,ServerAliveInterval=15,reconnect,dir_cache=no,idmap=user,transform_symlinks,follow_symlinks,identityfile=/home/ryan/.ssh/id_ed25519,default_permissions,uid=1000,gid=1001 0 0
ryan@ryan-host:/Users/ryan/Desktop          /mnt/Desktop        fuse.sshfs      allow_other,x-systemd.automount,_netdev,users,ServerAliveInterval=15,reconnect,dir_cache=no,idmap=user,transform_symlinks,follow_symlinks,identityfile=/home/ryan/.ssh/id_ed25519,default_permissions,uid=1000,gid=1001 0 0
ryan@ryan-host:/Users/ryan/src              /mnt/src            fuse.sshfs      allow_other,x-systemd.automount,_netdev,users,ServerAliveInterval=15,reconnect,dir_cache=no,idmap=user,transform_symlinks,follow_symlinks,identityfile=/home/ryan/.ssh/id_ed25519,default_permissions,uid=1000,gid=1001 0 0