nix-on-droid icon indicating copy to clipboard operation
nix-on-droid copied to clipboard

Published 20 hours ago verified publisher icon nix-community

How to setup SFTP (in order to make sshfs work)

Open unclechu opened this issue 1 year ago • 5 comments

How could I setup SFTP in order to make sshfs work? I made a simple script to start an SSHD server:

{ pkgs, lib }:

let
  hostKeyPath = toString
    /data/data/com.termux.nix/files/home/.ssh/ssh-host-key;

  # Add authorized keys to: ~/.ssh/authorized_keys
  sshdConfigFile = pkgs.writeText "sshd-config" ''
    HostKey "${lib.escape ["\""] hostKeyPath}"
    Port 8044
    Subsystem sftp "${lib.escape ["\""] e.sftp-server}"
  '';

  executables = {
    bash = "${pkgs.bash}/bin/bash";
    sshd = "${pkgs.openssh}/bin/sshd";
    sftp-server = "${pkgs.openssh}/libexec/sftp-server";
  };

  e = executables;
  esc = lib.escapeShellArg;

  run-sshd = pkgs.writeTextFile rec {
    name = "run-sshd";
    executable = true;
    destination = "/bin/${name}";
    text = ''
      #! ${e.bash}
      ${esc e.sshd} -f ${esc sshdConfigFile} -e -D
    '';
    checkPhase = ''(
      set -o xtrace
      ${builtins.concatStringsSep "\n" (
        map (x: "[[ -x ${esc x} ]]") (builtins.attrValues executables)
      )}
    )'';
  };
in
  run-sshd // { inherit sshdConfigFile; }

The regular ssh works fine but if I try to mount via sshfs I get an error like “Connection closed by the user". Here is the end of the log of sshfs call:

...
debug1: Sending subsystem: sftp
debug1: pledge: fork
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 4872, received 3844 bytes, in 0.3 seconds
Bytes per second: sent 18440.4, received 14549.4
debug1: Exit status 255
remote host has disconnected

unclechu avatar Nov 26 '23 02:11 unclechu

It might be that the path to the sftp-server executable is not found because it may be running outside of proot.. Not sure how to debug that though but the arch wiki says that this error message happens when the sftp-server executable is not valid: https://wiki.archlinux.org/title/SSHFS#Remote_host_has_disconnected

Gerschtli avatar Nov 26 '23 09:11 Gerschtli

@Gerschtli I’ve also tried internal-sftp, it makes no difference.

unclechu avatar Nov 26 '23 12:11 unclechu

Also I don’t think it should run outside proot since I run run-sshd from inside of the Nix-on-Droid shell?

unclechu avatar Nov 26 '23 14:11 unclechu

Looks like a proot problem https://github.com/proot-me/proot/issues/243

azuwis avatar Dec 28 '23 05:12 azuwis

Looks like a proot problem https://github.com/proot-me/proot/issues/243

A patched sftp-server, as a workaround, can mitigate the problem. See https://github.com/proot-me/proot/issues/243#issuecomment-1962738694

SonicStark avatar Feb 24 '24 21:02 SonicStark