vtacquet/sshfs

By vtacquet

Updated almost 4 years ago

lightweight sshfs server on alpine (with fail2ban protection and private key authentication)

Image
0

161

Description: Creates a basic sshfs container with fail2ban protection and private key authentication.

map a folder to /keys for storing the ssh keys (host and user)
map a folder to /data for the file share

the container listens on port 22, you can map it to another port or use macvlan

EMAIL environment variable is used to describe the ssh keys (defaults to john.doe@foo.com)

NET_ADMIN is needed to allow fail2ban to create iptables rules (bantime = 4h and maxretry = 3)

after starting the container, use "docker logs" to see the contents of the private key file or check the file /keys/id_rsa

list banned IPs

docker exec -ti sshfs fail2ban-client status sshfs

unban IP

docker exec -ti sshfs fail2ban-client set sshfs unbanip 8.8.8.8

stop fail2ban

docker exec -ti sshfs supervisorctl stop fail2ban

Windows clients

https://github.com/billziss-gh/winfsp/releases
https://github.com/billziss-gh/sshfs-win/releases/tag/v3.7.21011
https://github.com/evsar3/sshfs-win-manager/releases/latest

copy your private key file to C:\Users\<USERNAME>\.ssh\id_rsa
map a network drive to \\sshfs.kr\data@<A.B.C.D>!<P>\data 
(replace <USERNAME> by your windows username, <A.B.C.D> by ip and <P> by port)

Mac clients

https://github.com/osxfuse/sshfs/releases/download/osxfuse-sshfs-2.5.0/sshfs-2.5.0.pkg
https://github.com/osxfuse/osxfuse/releases/download/macfuse-4.1.0/macfuse-4.1.0.dmg

Filezilla (or alternative SFTP browser)

use SFTP protocol, user 'data' and the private key file to connect

docker-compose example:

  sshfs:
    hostname: sshfs
    container_name: sshfs
    image: vtacquet/sshfs
    restart: unless-stopped
    volumes:
     - /etc/localtime:/etc/localtime:ro
     - /opt/docker/sshfs/keys:/keys
     - /opt/docker/sshfs/data:/data
    ports:
     - "2222:22"
    environment:
     - TZ=Europe/Brussels
     - EMAIL=someone@server.com
    cap_add:
     - NET_ADMIN

Docker Pull Command

docker pull vtacquet/sshfs