Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experiences and Thoughts on SHFS?

Posted by Cliff on from the ssh-based-fileshares dept.

eugene ts wong asks: "I was looking over SHFS, & I thought that this seems like a very good software package. If I understand it correctly, then it should be the defacto way to mount shares across a network. I never heard of it till today, though. What do all of you think of this? What kinds of experiences do you have? I am interested in hearing some of your stories. I heard that NFS isn't secure. How do they both compare? Would you recommend SHFS for small, medium & large businesses?"

12 of 43 comments (clear)

  1. who told you NFS is not secure ? by johnjones · · Score: 4, Interesting

    or more to the point why do you think its secure ?

    it all comes down to trust...

    do you trust the network your pluged into ?
    how about the people who are selling that VPN ?

    I surgest that you have a look at IPSec

    it works on winXP linux solaris BSD's and then find a Networked File System that is high performance

    regards

    John Jones

  2. I just recently found it myself by Padrino121 · · Score: 5, Interesting

    I wanted a transparent way to access my remote files over SSH since it's the only external access I trust and came upon SHFS a couple of weeks ago.

    It has worked out really nice and I now don't have to do the scp or SFTP dance all of the time to edit files on a remote box.

    One thing I came across though during "make install" under 2.6 is that the .ko module built for 2.6 that the install process copies to you lib/modules directory didn't work. There was however a .o as well built for 2.6 that worked great after I copied it manually.

  3. tried it by Satai · · Score: 4, Informative

    I tried it, and I found it to be a bit unreliable. This was last fall... Random accesses on files were slow, and frequently it hung, leaving me with orphaned partitions I couldn't umount. Otherwise it worked ok -- I mean, it was easy to configure and whatnot, but performance wise when I tried it it was found lacking.

  4. 3 week experience. by Anonymous Coward · · Score: 5, Informative

    I have been using shfs for a few weeks now, and here are the pros and cons with my limited experience with it.

    Pros:
    (i) mounting remote filesystems over ssh is great, as you don't have to worry about opening up new ports.
    (ii) read-only performance is good (I haven't had any problems).

    Cons:
    (i) definitely *buggy* (do not even think of using this for mounting partitions w/ critical data). For e.g., I mounted it read-only and by mistake opened a file with vim. When I tried to !wq, vim refused to write (obviously!), and I just escaped with a q!. Much to my chagrin, the file was gone--- I later figured that this was not a random bug; it was repeatable.
    (ii) write performance (across a 1Mbps DSL conn.) *sucks*!

    1. Re:3 week experience. by gid · · Score: 3, Interesting

      That's really too bad. I tried shfs probably at least 3 years ago or so. I had similar problems. I tried reporting bugs about it, went back and forth a bit, trying new versions as new versions came out with supposed fixes which never quite resolved it. I eventually just lost interest and ended up using something else. There were also some permission problems, it's been awhile now, I can't remember exactly what the problem was but I remember being very frustrated and losing data. (test data mind you). It was also suggested not to "push it" opening too many files at once, another stipulation that made it useless to me. What's pushing it, accessing 2 files at once? 3? 4?

  5. LUFS by telemnar · · Score: 5, Interesting

    sounds a lot like LUFS ( http://lufs.sf.net ) which lets you mount remote filesystems via SSH, FTP, and several other novel protocols.

    1. Re:LUFS by jefu · · Score: 3, Informative
      I've been using lufs across several machines (mostly for the sshfs filesystem) for a bit now with good results - a couple problems (keeping dates in sync for make has been a problem), but nothing insurmountable.

      Easy install, easy to use. Good stuff.

  6. Tried it and now using FISH by wan-fu · · Score: 5, Informative

    I tried using shfs but it didn't work very well (YMMV, I'm running a Gentoo 2.6.3 kernel) with my system. Frequent timeouts and the program had problems unmounting shfs mounts. I recently switched to using the "FISH" feature in KDE (fish://username@host/path_to_stuff/) and that has worked fairly well for my purposes.

    1. Re:Tried it and now using FISH by hattmoward · · Score: 3, Interesting

      If you're not forced to do so, change it to sftp://. It is a much better solution if your ssh target has an sftp backend. FISH uses basic shell tools at the remote, like shfs, and that's just too much complexity to be a good solution.

  7. shfs: fine for casual use by Anonymous Coward · · Score: 3, Interesting

    i have been using it for months at home. works great on the home wireless network. well, up until i switched to using my 15" powerbook.

    despite being quite excited about the possibilities, i'd never run this in a production environment. alot of people run down nfs for being insecure and sucky on any number of levels. i have to say, we had a very active messaging system behind a very high profile website use nfs for two years due to a combination of stupid developers and vendor going out of business. it NEVER broke. and we were churning 100's of thousands of files over nfs per day.

    eventually i had to stop bringing it up in meetings cause it never broke. of course YMMV, mine sure did.

  8. ...or you can try sfs by dwoolridge · · Score: 5, Interesting
    From the main page for SFS (Self-certifying File System):
    SFS is a secure, global network file system with completely decentralized control. SFS lets you access your files from anywhere and share them with anyone, anywhere. Anyone can set up an SFS server, and any user can access any server from any client. SFS lets you share files across administrative realms without involving administrators or certification authorities.
  9. Try NFSv4, or you could tunnel samba over ssh by danpritts · · Score: 3, Informative

    I am not familiar with shfs other than a brief read of the website and this thread.

    w/r/t NFS security, NFSv4 should solve most if not
    all of the problems. Fundamentally two things always bothered me about NFS security.

    RPC - NFS makes heavy use of sun-style RPC, requiring you to use the RPC libraries and the portmapper. This stuff has a bad reputation for security problems, eg, buffer overflows, and there is a lot of it, and it runs on random ports so it's difficult to filter/firewall/tunnel it.

    no user credentials - NFS through V3 doesn't provide any user credentials - root on the client has access to all users' files on the mounted filesystem. There's no server-enforced security.

    NFSv4 fixes the RPC/multiple ports problem.
    I don't know about the user credential problem but i bet it fixes that too.

    On to the quick-and-dirty:
    In the past, I've set up a samba server and used the linux smbfs client to access it, and tunneled the whole business over SSH. It worked reliably, to the limited extent that i tested it (YMMV).
    I don't really remember how well it performed - it was more of a proof-of-concept for me.