
.ssh/config does not appear to be used

Open eric-wieser opened this issue 7 years ago • 13 comments

I have a config file at C:\Users\me\.ssh\config, which is used successfully by the ssh shipped with git.

It contains something basic like

Host myhost
    User myuser
    HostName mydomain.com

However, mapping \\sshfs\myhost does not work.

A possible hint comes from running the following:

> "C:\Program Files (x86)\SSHFS-Win\bin\ssh.exe" somedomain.com
Could not create directory '/home/me/.ssh'.

Is the issue here that the windows home and the cygwin home are distinct?

Thanks again for otherwise very helpful software!

eric-wieser avatar May 12 '17 00:05 eric-wieser

Is the issue here that the windows home and the cygwin home are distinct?

Yes.

You might be able to get this to work by creating a directory under the SSHFS-Win installation directory:

> cd "\Program Files (x86)\SSHFS-Win"
> mkdir home
> mkdir home\USERNAME
> mkdir home\USERNAME\.ssh

You can then copy your config into that directory.

Another approach might be to use nsswitch.conf and configure it to use your %USERPROFILE% as your home directory (that is what I do on my own Cygwin environment).

Here are the contents of my Cygwin /etc/nsswitch.conf:

db_home: windows

EDIT: If it was not clear, the minimal Cygwin environment in SSHFS-Win treats the directory \Program Files (x86)\SSHFS-Win as the root directory.

billziss-gh avatar May 12 '17 00:05 billziss-gh

I think I was unclear there - let me delete those two comments, and try again

  • Updating nsswitch.conf makes ssh read my config correctly (thanks!)

    • when the config file contains ProxyJump, ssh seems to try to invoke sh, which is not part of the minimal cygwin
  • Even with the simple host case above, none of the following work

    • net use S: \\sshfs\myhost
    • net use S: \\sshfs\myuser@myhost
    • net use S: \\sshfs\localuser=myuser@myhost

    All ask for passwords despite ssh myhost using public key authentication, and all fail after asking for a username and password

    Could this be because sshfs-win is being run by SYSTEM, not my local user - so nsswitch.conf still won't defer to the right place?

eric-wieser avatar May 12 '17 00:05 eric-wieser

Clearly SSHFS-Win does not currently support .ssh/config or other advanced sshfs scenarios, such as public key auth. It would be nice if such support existed of course.

Could this be because sshfs-win is being run by SYSTEM, not my local user - so nsswitch.conf still won't defer to the right place?

This is likely. You could try creating a directory /home/SYSTEM/.ssh under the SSHFS-Win "root" directory and copy the config file there to see if that works.

But I think the best thing to do for such advanced customizations is to get a working Cygwin environment and then you have a lot more options. You could for example run sshfs directly, or even modify its Makefile to include tools that you want in it.

https://github.com/billziss-gh/sshfs-win/blob/master/Makefile#L13

billziss-gh avatar May 12 '17 00:05 billziss-gh

But I think the best thing to do for such advanced customizations i

I'm not sure that in the simplest case, using my ssh key is an "advanced customization". But I think you're right - in terms of debugging this, a full cygwin installation is the way to go

eric-wieser avatar May 12 '17 01:05 eric-wieser

Doing a clean cygwin installation, then merging across the exes and dlls from the installation of sshfs-win did the trick - I'm now able to mount my multi-hop connection.

Unfortunately, this seems to come with its own series of problems:

  • The mounted directory is not listable from cygwin (but works for listing and reading in windows)
  • The mounted directory is not writeable, even if sshfs is invoked with -ouid=$(id -u),gid=$(id -g)
  • There does not seem to be a way to properly unmount the now-mounted directory

eric-wieser avatar May 12 '17 12:05 eric-wieser

  • The mounted directory is not listable from cygwin (but works for listing and reading in windows)

This is an unfortunate Cygwin limitation. Cygwin does not currently recognize Windows "junctions" (which is what Windows uses for mounting directories). [I believe I had a hackpatch for this somewhere, but no one in the Cygwin list showed any interest when I proposed some "reparse point" handling changes.]

The only solution here is to mount on a drive if you intend to use it from Cygwin.

$ ./sshfs -o idmap=user billziss@macbook-pro: Y:
$ cd /cygdrive/y

  • The mounted directory is not writeable, even if sshfs is invoked with -ouid=$(id -u),gid=$(id -g)

Try with the -o idmap=user switch. This will map your Cygwin uid to the remote system one.

  • There does not seem to be a way to properly unmount the now-mounted directory.

Just use pkill.

$ pkill sshfs

This will actually properly unmount the file system and shutdown sshfs.

billziss-gh avatar May 12 '17 17:05 billziss-gh

I had the issue that I needed to go through a proxy and some other advanced config. In the end my workaround was to set up an ssh tunnel to the server's 22 port and sshfs connects to the tunnel. This way I was able to get it working.

hodigy avatar Jan 31 '19 10:01 hodigy

I had the issue that I needed to go through a proxy and some other advanced config. In the end my workaround was to set up an ssh tunnel to the server's 22 port and sshfs connects to the tunnel. This way I was able to get it working.

I have the same problem. How exactly did you set up the tunnel? I tried with no success.

vberta avatar Nov 05 '19 16:11 vberta

@vberta, in PowerShell:

ssh -L 2222:localhost:22 remotehostname

Then in sshfs mounting:

\\sshfs\REMUSER@localhost!2222

vmiheer avatar Dec 08 '20 22:12 vmiheer

I am also trying to go through some jump-box and connect to a server.

I think sshfs right now can identify the local config file and use it (evidence being: it recognized and executed the proxy command). But somehow the process went dead with exit code 0. I am not sure what triggered it. For info please see the following debug1 output:

PS C:\Program Files\SSHFS-Win\bin> .\sshfs REMOTE_USER@REMOTE_HOST:/home/REMOTE_USER/ R: -p22 -ovolname=HOSTNAME -odebug -ologlevel=debug1 -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oidmap=user -ouid=-1 -ogid=-1 -oumask=000 -ocreate_umask=000 -omax_readahead=1GB -oallow_other -olarge_read -okernel_cache -ofollow_symlinks -oPreferredAuthentications=publickey -oIdentityFile="C:/Users/LOCAL_USER/.ssh/id_rsa"

SSHFS version 3.5.2
executing <ssh> <-x> <-a> <-oClearAllForwardings=yes> <-oPort=22> <-ologlevel=debug1> <-oStrictHostKeyChecking=no> <-oUserKnownHostsFile=/dev/null> <-oPreferredAuthentications=publickey> <-oIdentityFile=C:/Users/LOCAL_USER/.ssh/id_rsa> <-2> <REMOTE_USER@REMOTE_HOST> <-s> <sftp>
debug1: Reading configuration data C:\\Users\\LOCAL_USER/.ssh/config
debug1: C:\\Users\\LOCAL_USER/.ssh/config line 27: Applying options for redwood.gpu
debug1: Executing proxy command: exec ssh JUMP_BOX_USER@JUMP_BOX_HOST -X -W REMOTE_HOST:22
debug1: identity file C:/Users/LOCAL_USER/.ssh/id_rsa type 0
debug1: identity file C:/Users/LOCAL_USER/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\LOCAL_USER\\.ssh\\id_rsa type 0
debug1: identity file C:\\Users\\LOCAL_USER\\.ssh\\id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to REMOTE_HOST:22 as 'REMOTE_USER'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:REDACTED
Warning: Permanently added 'REMOTE_HOST' (ECDSA) to the list of known hosts.
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:/Users/LOCAL_USER/.ssh/id_rsa RSA SHA256:REDACTED explicit
debug1: Will attempt key: C:\\Users\\LOCAL_HOST\\.ssh\\id_rsa RSA SHA256:REDACTED explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: C:/Users/LOCAL_USER/.ssh/id_rsa RSA SHA256:REDACTED explicit
debug1: Server accepts key: C:/Users/LOCAL_USER/.ssh/id_rsa RSA SHA256:REDACTED explicit
debug1: Authentication succeeded (publickey).
Authenticated to REMOTE_HOST (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Remote: /home/REMOTE_USER/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/REMOTE_USER/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2728, received 2960 bytes, in 0.2 seconds
Bytes per second: sent 12347.4, received 13397.4
debug1: Exit status 0
read: Connection reset by peer

Cuberick-Orion avatar Jan 04 '21 05:01 Cuberick-Orion

@vberta, in PowerShell:

ssh -L 2222:localhost:22 remotehostname

Then in sshfs mounting:

\\sshfs\REMUSER@localhost!2222

I can confirm that this works.

Cuberick-Orion avatar Jan 05 '21 05:01 Cuberick-Orion

I'm seeing a similar issue as @Cuberick-Orion. It seems like this is really close to working, but perhaps it should be in a new issue, since the title doesn't match?

Here's my redacted debug level 1 output.

PS C:\Program Files\SSHFS-Win\bin> .\sshfs HOSTNAME:/home/USER/ R: -p22 -odebug -ologlevel=debug1  -oidmap=user -omax_readahead=1GB -olarge_read
SSHFS version 3.5.2
executing <ssh> <-x> <-a> <-oClearAllForwardings=yes> <-oPort=22> <-ologlevel=debug1> <-2> <HOSTNAME> <-s> <sftp>
debug1: Reading configuration data C:\\Users\\LOCAL_USER/.ssh/config
debug1: C:\\Users\\LOCAL_USER/.ssh/config line 11: Applying options for HOSTNAME
debug1: Executing proxy command: exec ssh BASTION nc HOSTNAME 22
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_rsa type 0
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_ed25519 type 3
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\LOCAL_USER/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1
debug1: match: OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to HOSTNAME:22 as 'USER'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SHA256
debug1: Host 'HOSTNAME' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\LOCAL_USER/.ssh/known_hosts:3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: C:\\Users\\LOCAL_USER/.ssh/id_ed25519 ED25519 SHA256:SHA256 agent
debug1: Will attempt key: C:\\Users\\LOCAL_USER/.ssh/id_rsa RSA SHA256:SHA256 agent
debug1: Will attempt key: C:\\Users\\LOCAL_USER/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\LOCAL_USER/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\LOCAL_USER/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\LOCAL_USER/.ssh/id_ed25519 ED25519 SHA256:SHA256 agent
debug1: Server accepts key: C:\\Users\\LOCAL_USER/.ssh/id_ed25519 ED25519 SHA256:SHA256 agent
debug1: Authentication succeeded (publickey).
Authenticated to HOSTNAME (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: proc
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Remote: /home/USER/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/USER/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2064, received 2552 bytes, in 0.3 seconds
Bytes per second: sent 7994.3, received 9884.4
debug1: Exit status 0
read: Connection reset by peer
PS C:\Program Files\SSHFS-Win\bin>

gregoryleblanc avatar Aug 18 '21 18:08 gregoryleblanc
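
Added example, not part of the thread and not SSHFS-Win code: a Python triage helper for captures like the two debug1 logs above (Cuberick-Orion's and gregoryleblanc's). It reports which config file and proxy command ssh used, how far the session got, and whether the argument list sshfs handed to ssh disables host key verification, as `-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null` in the first capture does. The function names and the abridged sample log are constructed for illustration.

```python
import re

# Constructed sample: lines abridged from the debug1 captures posted above.
SAMPLE_LOG = r"""executing <ssh> <-x> <-a> <-oPort=22> <-oStrictHostKeyChecking=no> <-oUserKnownHostsFile=/dev/null> <REMOTE_USER@REMOTE_HOST> <-s> <sftp>
debug1: Reading configuration data C:\\Users\\LOCAL_USER/.ssh/config
debug1: Executing proxy command: exec ssh JUMP_BOX_USER@JUMP_BOX_HOST -X -W REMOTE_HOST:22
debug1: Authentication succeeded (publickey).
debug1: Sending subsystem: sftp
debug1: Exit status 0
read: Connection reset by peer
"""

# ssh_config values that stop ssh from verifying the server's host key.
WEAK = {"stricthostkeychecking": {"no", "off"}, "userknownhostsfile": {"/dev/null"}}

def ssh_argv(log):
    """Arguments sshfs passed to ssh, taken from its 'executing <..> <..>' line."""
    for line in log.splitlines():
        if line.startswith("executing "):
            return re.findall(r"<([^>]*)>", line)
    return []

def hostkey_findings(argv):
    """-o options that disable host key checking (option names are case-insensitive)."""
    opts = [a[2:].partition("=") for a in argv if a.startswith("-o")]
    return [f"{k}={v}" for k, _, v in opts if v.lower() in WEAK.get(k.lower(), ())]

def first(pattern, log):
    match = re.search(pattern, log, re.MULTILINE)
    return match.group(1).strip() if match else None

def triage(log):
    """Report which config and proxy were used and how far the session got."""
    report = {
        "config": first(r"Reading configuration data (.+)$", log),
        "proxy_command": first(r"Executing proxy command: (.+)$", log),
        "auth_method": first(r"Authentication succeeded \((.+?)\)", log),
        "sftp_requested": "Sending subsystem: sftp" in log,
        "exit_status": first(r"Exit status (-?\d+)", log),
        "hostkey_findings": hostkey_findings(ssh_argv(log)),
    }
    report["stage"] = ("stopped before authentication succeeded" if not report["auth_method"]
                       else "ended after the sftp subsystem request" if report["sftp_requested"]
                       else "authenticated, sftp subsystem not requested")
    return report

if __name__ == "__main__":
    for field, value in triage(SAMPLE_LOG).items():
        print(f"{field}: {value}")
```

A non-empty `hostkey_findings` means the mount accepted whatever host key the jump path presented, so those two options are worth dropping once the connection works.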

Pretty sure this bug should be closed, since it does seem to use .ssh/config. I think this issue is the correct one for the issue in the last few comments: https://github.com/billziss-gh/sshfs-win/issues/166

gregoryleblanc avatar Aug 18 '21 18:08 gregoryleblanc