if you do not need access to the files when you are offline (or alternatively do not mind writing an rsync script) this solution might be for you. using sshfs only dawned upon me after having looked at several big software alternatives like owncloud. using this, you can mount a remote directory, which can be on encrypted space. file changes are immediately applied on the server. downsides are the same as with other self-hosted solutions: you have to manage the backups, server availability and software. for just serving files, for example media in a home network, it might be easier and sufficient to use an http server with autoindex and basic auth or limited ip access. also check out kodi
create a dedicated user without a default shell and without any password
useradd shared --home-dir /home --shell /bin/false
for some reason, only using /home directly worked for me. sshd changes the directory automatically to /home/shared on login
mkdir /home/shared chown root:root /home/shared chmod 755 /home/shared
these owner and permissions are the only that worked for me, perhaps necessary for the chroot
in /etc/sshd_config
AuthorizedKeysFile /etc/ssh/authorized_keys/%u Match User shared ChrootDirectory /home/shared ForceCommand internal-sftp
configure a chroot for the user, which is supposed to prevent the user from seeing and accessing files outside the specified directory. because i do not have the authorized_keys file in the home directory of the shared user, i store them in a directory /etc/ssh/authorized_keys, with one file per user. this is for enabling password-less, key-based login
mkdir /etc/ssh/authorized_keys chmod 755 /etc/ssh/authorized_keys
then add public keys in that directory, named like the corresponding users. the directory and the files therein must be accessible by the users, the files only for the user it is for
authorized_keys/ otheruser shared
create or designate an ssh key and change the file name to have the username of the shared remote user at the end. this is so that ssh can select the right ssh key automatically when logging in and the path to the key does not have to be specified
.ssh/ config testserver.shared testserver.shared.pub testserver.otheruser testserver.otheruser.pub
in ~/.ssh/config
Host testserver User shared IdentityFile ~/.ssh/testserver.%r
the placeholder %r will be replaced by ssh with the username, which is either the username given explicitly on the command line, the default user configured in .ssh/config or the current user if none is configured
mount the remote directory
sshfs shared@testserver:/ /home/username/mnt/shared@testserver
i had some issues with finding the right path on the server to mount because of the chroot. the chroot and mount paths might require some tweaking
mount-sshfs-home from sph-script makes mounting with sshfs a little bit easier
usage example
mount-sshfs-home shared@testserver --path=/
the benefit is that the local mount directory is automatically selected, created and removed in the home directory. mnt/shared@testerver/