sshfs: How to mount / to local with normal user ssh-login
Clash Royale CLAN TAG#URR8PPP up vote
2
down vote
favorite
I want to backup my ubuntu-server to local storage with borgbackup in "pull-style" via sshfs as described here: borgbackup examples -search page for ("pull" style)- . I configured passwordless ssh-login for a normal user via key and disabled root-login for security reasons. I want to mount servers / to a local dir, so sshfs has to login as a normal user and then do root privilege escalation for mounting operation.
How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?
permissions sshfs
asked Apr 21 at 13:21
barrios
1112
add a comment |Â
up vote
2
down vote
favorite
I want to backup my ubuntu-server to local storage with borgbackup in "pull-style" via sshfs as described here: borgbackup examples -search page for ("pull" style)- . I configured passwordless ssh-login for a normal user via key and disabled root-login for security reasons. I want to mount servers / to a local dir, so sshfs has to login as a normal user and then do root privilege escalation for mounting operation.
How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?
permissions sshfs
asked Apr 21 at 13:21
barrios
1112
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
1
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01
add a comment |Â
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I want to backup my ubuntu-server to local storage with borgbackup in "pull-style" via sshfs as described here: borgbackup examples -search page for ("pull" style)- . I configured passwordless ssh-login for a normal user via key and disabled root-login for security reasons. I want to mount servers / to a local dir, so sshfs has to login as a normal user and then do root privilege escalation for mounting operation.
How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?
permissions sshfs
asked Apr 21 at 13:21
barrios
1112
I want to backup my ubuntu-server to local storage with borgbackup in "pull-style" via sshfs as described here: borgbackup examples -search page for ("pull" style)- . I configured passwordless ssh-login for a normal user via key and disabled root-login for security reasons. I want to mount servers / to a local dir, so sshfs has to login as a normal user and then do root privilege escalation for mounting operation.
How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?
permissions sshfs
asked Apr 21 at 13:21
barrios
1112
asked Apr 21 at 13:21
barrios
1112
asked Apr 21 at 13:21
barrios
1112
asked Apr 21 at 13:21
barrios
1112
1112
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
1
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01
add a comment |Â
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
1
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
1
1
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1026941%2fsshfs-how-to-mount-to-local-with-normal-user-ssh-login%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
I don't see how this makes anything safer then allowing root to use (probably only) sshfs/sftp in the first place. I don't think what you want is possible, nor is it more secure.
– Sebastian Stark
Apr 21 at 14:50
1
"How do I tell sshfs to ask for the server's root-password when doing normal user ssh-login? Is this possible at all?" NO.
– waltinator
Apr 21 at 14:57
IMHO it is generally recommended to disable ssh-root-login for security reasons. A possible attacker in my case needs the private ssh-key including it's password, the name of the non-root user to login and the root-password to get root privileges. This seems a lot more secure to me than a direct root-login with pwd and even with a key.
– barrios
Apr 21 at 15:01