How to connect to remote servers with SSH and Netatalk?

Hello there,

just installed OSMC on a Pi, and would like to know if there’s something I am missing.

The movies reside on another NAS on my network, sharing files through Netatalk mainly. The problem is, the Zeroconf browser is detecting the NAS with its SFTP connection, but doesn’t show any way to login, nor error message. Since SFTP taxes the CPU, any way to login to Netatalk servers?

The movie I put in the home folder does show, however, after a few seconds, but OSMC still doesn’t show any scanning progress. Any way to get one? I am thinking that, when accessing files over a network, some delay is to be expected, and I’d like it to display its progress.

Finally, I wanted to change the keyboard layout to Spanish QWERTY, but the change isn’t taken. Should I allow it to load additional locales before it becomes available?

One of the options when adding a source is SSH + FTP. That would give you sftp. Or, for possibly better performance, you may want to use SSHFS in fstab to mount your files.

I helped another forum member get SSHFS working last week, and his initial report was that it worked better than FTP (he was accessing his FTP server over the internet.) If you’d like to try SSHFS, let me know and I’ll help you set it up.

Would there be a way to set it up without requiring root access to the server? For security reasons, I would like to avoid using root as much as possible. Why not Netatalk?

What makes you think it would require root access on the server ?

There is no netatalk package available in Debian Jessie (it was removed after Wheezy) and Kodi also had built in support for Netatalk removed quite some time ago.

So netatalk is not an option. It is a dying protocol that Apple themselves have deprecated a number of years ago - the 3rd party implementations did not work very well and nobody in the open source community is interested in trying to bug fix a protocol everyone is moving away from.

You are much better off using NFS or (if you have to) SMB.

[quote=“DBMandrake, post:4, topic:14426, full:true”]
What makes you think it would require root access on the server ?[/quote]I can’t dissociate SSH connection from needing root@someserver.net , witht the notable exception of the Raspberry Pi.

[quote]
There is no netatalk package available in Debian Jessie (it was removed after Wheezy) and Kodi also had built in support for Netatalk removed quite some time ago.

So netatalk is not an option. It is a dying protocol that Apple themselves have deprecated a number of years ago - the 3rd party implementations did not work very well and nobody in the open source community is interested in trying to bug fix a protocol everyone is moving away from.
[/quote]Removed? I can confirm it’s alive and well on my other Jessie-based NAS, OpenMediaVault, the last package is from december 2015. Maybe a backport?

And Apple hasn’t killed it: it’s actually mandatory for Time Machine backups support, and the problems experienced with it come from TM’s complexity itself. Non-TM AFP network transfers work just as well, without Samba’s configuration nightmare and toll levied from the CPU (at first I chose Netatalk over Samba for its better security, and kept or because it was easier to configure and overall faster during transfers).

I can’t remember why I didn’t choose NFS however: what are its main limitations, compared to other network sharing protocols? Security?

Also, why does OSMC doesn’t show the login window for the SFTP server so I know it works?

And how would you mount a remote folder with SSHFS without requiring root access?

If you can ssh into the ftp server, then you can use sshfs. Setup private/public keys and you can do it without passwords.

If NFS is available on your home network, that would be the best bet, as it’s a native linux protocol. But it’s not real secure, so you would not want to use it over the internet.

I think it would allow for more flexibility if I use SSHFS as it would allow me bringing the player to a friend’s home and still have transparent access to my collection.

So, how would I configure OSMC to automatically mount the network share with SSHFS, but without using root user on the storage server?

If you setup public/private keys, then no password will be transmitted, only the public key. You can copy your osmc user key to the root user on the NAS, so you would be able to use root@mynas.com.

If your NAS does not allow you to create new users, then you are probably stuck with using root. If the NAS does have other users, then copy the key to that user on the NAS. Do some googling on how SSH works (everything you learn about SSH also pertains to SSHFS)

FMHO I would just get another RPi (there should be cheap used RPi1 out there) and install openvpn, then your OSMC travelling around with you always will behave as if it would be at home.

If there’s demand for AFP, I could look at re-adding it

I have installed it from source on my Raspberry Pi. It’s not too much work to do but a package is certainly welcome :-).

I know this is a really old topic. I’ve just setup an FTP server that I access over the internet and am able to mount it manually using SSHFS. However, my initial pass adding it to /etc/fstab sent me to recovery mode upon reboot. At the risk of losing access, do you have an example etc/fstab entry that I could review? Thanks!

First, did you have a look at this: [HOW-TO] SSHFS tutorial

You need to have your public/private keys setup properly. If so, something like this should work:

osmc@ip.of.server: /mnt/sshfsmount fuse.sshfs x-systemd.automount,noauto,rw,user,transform_symlinks,identityfile=/home/osmc/.ssh/id_rsa,allow_other,default_permissions,uid=1000,gid=1000 0 0

Try to manually mount it before rebooting for testing, but since noauto and autmount are used even if you get the entry in fstab wrong it won’t prevent your system from booting.

Thanks for your reply.

The ftp server is on a shared host that does not provide root access. As such, I’m not able to create the user osmc on the server nor edit /etc/ssh/sshd_config on the server side.

When I include the following in /etc/fstab and reboot

remoteusername@ip.of.server: /mnt/sshfsmount fuse.sshfs x-systemd.automount,noauto,rw,user,transform_symlinks,identityfile=/home/osmc/.ssh/id_rsa,allow_other,default_permissions,uid=1000,gid=1000 0 0

the output of
osmc@osmc:~$ ls -al /mnt/sshfsmount/

returns
ls: cannot access '/mnt/sshfsmount/': No such device

I am able to manually mount as follows:
osmc@osmc:~$ sshfs -o idmap=user,allow_other,nonempty remoteusername@ip.of.server: /mnt/sshfsmount

When doing so, the output of
ls -al /mnt/sshfsmount/
returns the directory structure shown below with osmc as the user and permissions preserved.

osmc@osmc:~$ ls -al /mnt/sshfsmount/
total 68
drwx------ 1 osmc 1903 4096 Feb 13 11:30 .
drwxr-xr-x 4 root root 4096 Feb 14 20:42 ..
-rw-r--r-- 1 osmc 1903  269 Feb 12 21:37 .bash_aliases
-rw------- 1 osmc 1903 7850 Feb 15 09:10 .bash_history
-rw-r--r-- 1 osmc 1903  220 Feb 12 21:37 .bash_logout
-rw-r--r-- 1 osmc 1903   42 Feb 12 21:37 .bashrc
drwx------ 1 osmc 1903 4096 Feb 12 21:42 .config
drwx------ 1 osmc 1903 4096 Feb 12 22:25 .nano
drwxr-xr-x 1 osmc 1903 4096 Feb 13 00:32 .nginx
-rw-r--r-- 1 osmc 1903  677 Feb 12 21:37 .profile
-rw-r--r-- 1 osmc 1903 1061 Feb 13 00:32 .rtorrent.rc
drwx------ 1 osmc 1903 4096 Feb 13 07:42 .ssh
drwx------ 1 osmc 1903 4096 Feb 12 23:18 Downloads
-rw------- 1 osmc 1903 1329 Feb 13 22:25 action.log
drwxr-xr-x 1 osmc 1903 4096 Feb 13 00:32 private
drwxr-xr-x 1 osmc 1903 4096 Feb 12 21:37 www

I am able to read and write files in that directory as the osmc user.

Further thoughts regarding etc/fstab?

Did you setup your keys? If you:

ssh remoteusername@ip.of.server

do you get prompted for a password? If so, you didn’t setup your keys properly yet and fstab will not work.

Yes, the keys have been setup.
osmc@osmc:~$ ssh remoteusername@ip.of.server
logs in to the server without a password prompt.

Ok, did you create the directory /mnt/sshfsmount? (Needs to be an empty directory).

What happens if you just

sudo mount /etc/sshfsmount

does the file: /home/osmc/.ssh/id_rsa exist, and what are its permissions? (on the Pi)

Instead of gid=1000,uid=1000 in fstab, you could try the idmap=user option, but I doubt that’s the problem.

/mnt/sshfsmount/ exists and is empty.

osmc@osmc:~$ ls -al /mnt/sshfsmount/
total 8
drwxr-xr-x 2 osmc osmc 4096 Feb 17 08:03 .
drwxr-xr-x 4 root root 4096 Feb 17 08:03 ..
osmc@osmc:~$ sudo mount /etc/sshfsmount
mount: can't find /etc/sshfsmount in /etc/fstab
osmc@osmc:~$ ls -al /home/osmc/.ssh/id_rsa
-rw------- 1 osmc osmc 1675 Mar 11  2018 /home/osmc/.ssh/id_rsa

When I include the option idmap=user the following is returned

osmc@osmc:~$ sudo mount -av
/mnt/sshfsmount            : ignored

Thanks again for your help.

Sorry, that was a typo on my part:

sudo mount /mnt/sshfsmount

To test the mountpoint, I did the following:

osmc@osmc:~$ sudo umount /mnt/sshfsmount
umount: /mnt/sshfsmount: not mounted

then I confirmed the following entry was in /etc/fstab
remoteusername@ip.of.server:/media/sshfsmount/ /mnt/sshfsmount fuse.sshfs x-systemd.automount,x-systemd.requires=network.target,x-systemd.after=network-online.target,noauto,rw,idmap=user,transform_symlinks,identityfile=/home/osmc/.ssh/id_rsa,allow_other,default_permissions 0 0

and ran the following

osmc@osmc:~$ sudo mount -av
/mnt/sshfsmount        : ignored
osmc@osmc:~$ ls -al /mnt/sshfsmount/
total 8
drwxr-xr-x 2 osmc osmc 4096 Feb 17 08:03 .
drwxr-xr-x 4 root root 4096 Feb 17 08:03 ..
osmc@osmc:~$ sudo mount /mnt/sshfsmount
osmc@osmc-turtle:~$ ls -al /mnt/sshfsmount/
ls: cannot open directory '/mnt/sshfsmount/': Permission denied

Thanks!