This is a simple way to mount an OSX shared folder over SSH without installing any additional software. For this to work you must be sharing a folder using AFP (Apple File Sharing) protocol and have “Remote Login” (i.e. SSH) enabled. These settings are all found in System Preferences->Sharing. If your server is behind a firewall, you must open the SSH port (usually port 22).
Step One: Open up terminal and enter the following command:
ssh -N -p 22 USERNAME@HOSTNAME -L 5480/localhost/548
Replace USERNAME with the remote username and replace HOSTNAME with the domain name or IP address of your server. For example jason@192.168.1.100. If you run SSH on a non-standard port, you can also replace 22 with your port number. You’ll be prompted for a password then you won’t see any further output.
This creates an SSH tunnel from local port 5480 to remote port 548. In Apple terms you might think of this as an alias. The remote server’s incoming port 548 is the default port used by Apple File Sharing service. Our local outgoing port 5480, on the other hand, could be any unused port number on the local machine. I chose 5480 just because it’s similar to 548, therefore easy to remember. For these instructions assume you’re using 5480. Anyway, you might think of your tunnel as something like this:
local port 5480 -> SSH -> Internet -> SSH -> remote port 548
Step Two: Click anywhere on your desktop or open Finder so that you see the “Go” menu in your menu bar. Select from the menu bar: Go-> Connect to Server…
In the server address, enter “afp://localhost:5480″ (without the quotes)
This may seem crazy because it appears you are connecting to “localhost” which would normally be your local computer. Remember though, port 5480 on your local machine is an ‘alias’ (if you will) to port 548 on the remote machine. So this will connect to port 548 on the remote machine via the encrypted tunnel.
After a moment you should get a standard login dialog. Enter your remote username/password and you’ll be presented with the available shares. Select the share you want and you should see it appear in the Finder in a moment. That’s it! You can now open and drag/drop files. The connection will probably be slower depending on your connection speed, but otherwise it works the same as if you were connecting directly.
(Optional) Additional Software and Alternatives
If you’re uncomfortable with the command like, there’s a GUI application for connecting to SSH servers and creating tunnels called SSH Tunnel Manager. You can download it from http://projects.tynsoe.org/en/stm/. The functionality is the same, but if you prefer clicking a button instead of typing in the terminal window, it can be useful.
If you don’t really care about mounting the drive and you just want a way to securely transfer files, CyberDuck is a great program that works basically like an FTP client, but you can specify SFTP as your connection type to connect over SSH.
Another method for connecting to shares over SSH is through an application called MacFuse with it’s required counterpart sshfs. This may look the same as an SSH tunnel, but is technically very different. MacFuse is a program that allows you to make anything appear to be a file system and SSH is just one of the possible implementations. You might say that this app tricks your computer into thinking something is a local hard drive. I gave MacFuse a try and personally did not find it reliable for this specific purpose. A plain old SSH tunnel works great for me so I don’t plan to use MacFuse for this purpose. However it is an interesting idea and has many other uses.
Please feel free to leave a comment if you have any remote connection tips or tricks.
Thanks for the info! This seams to be possibility “copy” the SUBST command from windose to mount a folder as volume!
Helps me a lot!!
Hello,.. Thank-you for this tutorial,.. GREAT STUFF and useful.
I have a problem with AFS that perhaps *you’ve* already solved. Can you help? If not,. don’t worry.. I’ll figure it out.. just slower.
SITUATION:
Xserve1 uses AFP to serve out user accounts (the accounts are on a local external XSan disk).
Portable Home Directories (PHD) sync those to client laptops.
But the folder is ALSO permanently mounted onto XServe2 (‘>mount’ on Xserve2 shows it correctly mounted).
THE PROBLEM:
When I log into Xserve2, the users folder is mounted AGAIN (causing grief with file perms etc.). There was no problem pre-SnowLeopard (10.5).
I KNOW I could just stop using PHD,.. but I don’t want to give that up.
I also KNOW that could just not mount permanently,.. but I need it for a bunch of other reasons.
I COULD just move the files physically from Xserve1 to Xserve2 but that just shifts the problem elsewhere (I’ll have double-mounts on Xserve1).
MY QUESTION:
1. How do *you* local-mount users, permanent-mount on another server, and PHD to mobile laptops syncing their home dirs.
2. How might I prevent the automount from happening while preserving the use of PHD? (woud making a hardlink work?.. configuring fstab in an exotic way? digging into the hidden prefs on OS X Server? Latching on to some sort of apple event linked to the the system log file?
Your help is appreciated and will win you a privileged place in heaven (and a free beer if you come by Lausanne, Switzerland).
Best,
Shawn
Hey Shawn, I usually work with the app servers so I don’t really know much about managing local user profiles on an OSX network. I used to manage a Windows network with “roaming profiles” a long time ago but unfortunately I can’t be of much help to you.
I’ll be glad to join you for a beer though!
Hi. This may be the solution i am looking for, but I am not the big tech guy so please le me describe my problem …
I subscribe to a ftp-server service and I can connect via cmd-K and ftp:// which mounts the server on the dektop, but i can only download from the server which is pointless because the idea is i have to upload so my clients can download their illustrations that are too big to send by email.
My ISP has blocked port 548 so i can not use afp:// …
Will this trick you have described solve that problem?
Kind regards,
Peter
@Peter If your account doesn’t have write permission, then typically you will get the same result regardless of how you connect (FTP, SSH, etc)
I would contact the ftp service admin and tell them you can’t write to your account.
Hello Jason, thank you for your response. Actually, I can work fine with an FTP programme, I just can’t mount the share on the deskop using afp like i used to because my new ISP has blocked port 548 “for security reasons”.
If I use a FTP program lige Transmit or Fetch I have no problems, but i (and especially my wife) has been used to just drag and drop like the external server was a local external hard disk.
Ah I misunderstood. For some reason OSX only mounts FTP servers as read only. You can do it using MacFuse, though here’s a tutorial – http://www.turingtarpit.com/2009/04/mounting-remote-filesystems-on-osx-leopard-using-sshfs-macfuse-and-macfusion/