# sshfs for sharing files

if you do not need access to the files when you are offline (or alternatively do not mind writing an rsync script) this solution might be for you. using [sshfs](https://github.com/libfuse/sshfs) only dawned upon me after having looked at several big software alternatives like owncloud. using this, you can mount a remote directory, which can be on encrypted space. file changes are immediately applied on the server.
downsides are the same as with other self-hosted solutions: you have to manage the backups, server availability and software.
for just serving files, for example media in a home network, it might be easier and sufficient to use an http server with autoindex and basic auth or limited ip access. also check out kodi

# how to
## on the server
create a dedicated user without a default shell and without any password
~~~
useradd shared --home-dir /home --shell /bin/false
~~~
for some reason, only using /home directly worked for me. sshd changes the directory automatically to /home/shared on login
~~~
mkdir /home/shared
chown root:root /home/shared
chmod 755 /home/shared
~~~
these owner and permissions are the only that worked for me, perhaps necessary for the chroot

in /etc/sshd_config
~~~
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
Match User shared
  ChrootDirectory /home/shared
  ForceCommand internal-sftp
~~~
configure a chroot for the user, which is supposed to prevent the user from seeing and accessing files outside the specified directory. because i do not have the authorized_keys file in the home directory of the shared user, i store them in a directory /etc/ssh/authorized_keys, with one file per user. this is for enabling password-less, key-based login
~~~
mkdir /etc/ssh/authorized_keys
chmod 755 /etc/ssh/authorized_keys
~~~
then add public keys in that directory, named like the corresponding users. the directory and the files therein must be accessible by the users, the files only for the user it is for
~~~
authorized_keys/
  otheruser  shared
~~~

## on the client
create or designate an ssh key and change the file name to have the username of the shared remote user at the end. this is so that ssh can select the right ssh key automatically when logging in and the path to the key does not have to be specified
~~~
.ssh/
  config
  testserver.shared
  testserver.shared.pub
  testserver.otheruser
  testserver.otheruser.pub
~~~
in ~/.ssh/config
~~~
Host testserver
User shared
IdentityFile ~/.ssh/testserver.%r
~~~
the placeholder %r will be replaced by ssh with the username, which is either the username given explicitly on the command line, the default user configured in .ssh/config or the current user if none is configured

mount the remote directory
~~~
sshfs shared@testserver:/ /home/username/mnt/shared@testserver
~~~
i had some issues with finding the right path on the server to mount because of the chroot. the chroot and mount paths might require some tweaking

# mount-sshfs-home
mount-sshfs-home from [sph-script](https://github.com/sph-mn/sph-script#mount-sshfs-home) makes mounting with sshfs a little bit easier

usage example
~~~
mount-sshfs-home shared@testserver --path=/
~~~
the benefit is that the local mount directory is automatically selected, created and removed in the home directory. mnt/shared@testerver/