Debian文件系統如何實現遠程訪問

SSHFS (Secure Shell Filesystem)
SSHFS is a popular method for securely mounting remote file systems over SSH, leveraging the encrypted nature of SSH for data transfer. It integrates with FUSE (Filesystem in Userspace), allowing non-root users to create custom file systems without modifying kernel code.

Installation: On Debian, install SSHFS and FUSE using:

sudo apt update && sudo apt install sshfs fuse

Ensure the SSH client is installed (default on Debian) for connectivity.

Mounting a Remote Directory:

1. Create a local mount point (e.g., /mnt/remote):

   sudo mkdir -p /mnt/remote
   

2. Use sshfs to mount the remote directory. Replace user@remote_host with your remote credentials and /path/to/remote/dir with the target directory:

   sshfs user@remote_host:/path/to/remote/dir /mnt/remote
   

   For non-default SSH ports (e.g., 2222), add the -p option:

   sshfs -p 2222 user@remote_host:/path/to/remote/dir /mnt/remote
   

3. Verify the mount with df -h, which should list the remote directory under the local mount point.

Unmounting: Use fusermount to safely unmount:

fusermount -u /mnt/remote

Persistence (Optional): To auto-mount on boot, edit /etc/fstab and add an entry like this (replace placeholders with your details):

user@remote_host:/path/to/remote/dir /mnt/remote fuse.sshfs defaults,_netdev,user,idmap=user,transform_symlinks,identityfile=~/.ssh/id_rsa,allow_other,default_permissions 0 0

This ensures the remote directory mounts automatically after a reboot.

NFS (Network File System)
NFS is a protocol for sharing directories between Linux/Unix systems. It’s ideal for trusted networks where performance is critical, but requires careful configuration to avoid security risks.

Server Setup (Debian):

1. Install NFS server packages:

   sudo apt update && sudo apt install nfs-kernel-server nfs-common
   

2. Create a shared directory (e.g., /srv/nfs):

   sudo mkdir -p /srv/nfs
   sudo chown nfsnobody:nfsnobody /srv/nfs  # Set ownership to NFS's default user
   sudo chmod 755 /srv/nfs                 # Allow read/execute for all
   

3. Configure shared directories by editing /etc/exports. For example, to share /srv/nfs with the 192.168.1.0/24 subnet (read/write, sync):

   /srv/nfs 192.168.1.0/24(rw,sync,no_subtree_check)
   

   Key options:
   • rw: Allow read/write access.
   • sync: Write changes to disk before responding (safer than async).
   • no_subtree_check: Improve performance (disable subtree validation).
4. Restart NFS services to apply changes:

   sudo systemctl restart nfs-kernel-server
   

   Enable auto-start on boot:

   sudo systemctl enable nfs-kernel-server
   ```.  
   
   

Client Setup (Debian):

1. Install NFS client packages:

   sudo apt update && sudo apt install nfs-common
   

2. Create a local mount point (e.g., /mnt/nfs):

   sudo mkdir -p /mnt/nfs
   

3. Mount the remote share using mount:

   sudo mount -t nfs remote_host:/srv/nfs /mnt/nfs
   

   Replace remote_host with the NFS server’s IP/hostname.

Persistence (Optional): Add an entry to /etc/fstab for auto-mounting:

remote_host:/srv/nfs /mnt/nfs nfs defaults,_netdev 0 0

The _netdev option ensures the mount waits for the network to be ready.

Samba (SMB/CIFS)
Samba enables file sharing between Linux and Windows systems using the SMB/CIFS protocol. It’s useful for mixed environments but may have higher overhead than NFS/SSHFS.

Server Setup (Debian):

1. Install Samba server packages:

   sudo apt update && sudo apt install samba
   

2. Create a shared directory (e.g., /srv/samba/share):

   sudo mkdir -p /srv/samba/share
   sudo chown nobody:nogroup /srv/samba/share  # Allow all users to write
   sudo chmod 777 /srv/samba/share             # Open permissions (adjust for security)
   

3. Configure Samba by editing /etc/samba/smb.conf. Add a share section at the end:

   [ShareName]
   path = /srv/samba/share
   available = yes
   valid users = smbuser  # Restrict to specific users
   read only = no
   browsable = yes
   public = no
   writable = yes
   

4. Create a Samba user (must be a system user first):

   sudo smbpasswd -a smbuser
   

   Set a password for the Samba user (different from the system password).

Restart Samba:

sudo systemctl restart smbd

Enable auto-start:

sudo systemctl enable smbd

Client Setup (Debian):

1. Install Samba client utilities:

   sudo apt update && sudo apt install cifs-utils
   

2. Create a local mount point (e.g., /mnt/samba):

   sudo mkdir -p /mnt/samba
   

3. Mount the Samba share using mount:

   sudo mount -t cifs //remote_host/ShareName /mnt/samba -o username=smbuser,password=smbpassword,iocharset=utf8
   

   Replace remote_host, ShareName, smbuser, and smbpassword with your Samba server details.

Persistence (Optional): Add an entry to /etc/fstab for auto-mounting:

//remote_host/ShareName /mnt/samba cifs username=smbuser,password=smbpassword,iocharset=utf8,_netdev 0 0

The _netdev option ensures the mount waits for the network.

Key Considerations for All Methods

• Security:
  • SSHFS encrypts all traffic by default (ideal for public networks).
  • NFS requires firewall rules (allow TCP/UDP 2049) and should use no_root_squash cautiously (only for trusted clients).
  • Samba should use strong passwords and restrict access to specific IPs/networks.
• Performance:
  • SSHFS may have higher latency than NFS/Samba due to encryption.
  • NFS is faster for Linux-to-Linux transfers, while Samba is better for cross-platform compatibility.
• Permissions:
  • Ensure remote users have appropriate permissions on the shared directory (e.g., chmod/chown for NFS, Samba user permissions for Samba).
• Firewall:
  • Open necessary ports (SSH: 22, NFS: 2049, Samba: 445/tcp, 137-139/udp) in your firewall (e.g., ufw for Ubuntu, firewalld for RHEL).