Solved Cannot mount Hetzner storage box for backups using SSHFS
-
Hello,
On one instance I've got backups issue when mounting my storage box using CIFS (we tried to debug with @nebulon but we didn't quite get to the bottom of it). One suggested solution was to mount the storage box using SSHFS instead.
Problem is, I cannot get it to work. I have set-up my ssh keys and it seems to work fine as I can login with that key pair from a terminal on my local machine via sftp.
When try connect to it via cloudron I get the following (sadly unhelpful) error message: Failed to mount (failed): Could not determine failure reason.
Things I've tried:
- set-up two type of public keys as per the hetzner doc: https://docs.hetzner.com/robot/storage-box/backup-space-ssh-keys
- tried to connect to several remote directories on the same storage box
- tried to connect with either port 22 or 23
SSH is enabled on the Hetzner storage box control panel (which is obvious otherwise I could not connect via sftp from terminal).
Has anyone tried to mount such storage via SSHFS?
Any idea what might be going wrong?Thanks!
-
@avatar1024 Had to try it myself to understand it.
- I generated OpenSSH keys using
ssh-keygen
on my PC. - SFTP'ed the keys as suggested by - https://docs.hetzner.com/robot/storage-box/backup-space-ssh-keys/#uploading-authorized_keys .
- Because, we are using OpenSSH keys, we should use port 23. So, I tested it:
$ ssh -p 23 -i /tmp/storage_rsa xx@xx.your-storagebox.de The authenticity of host '[xx.your-storagebox.de]:23 ([116.202.54.208]:23)' can't be established. ED25519 key fingerprint is SHA256:XqONwb1S0zuj5A1CDxpOSuD2hnAArV1A3wKY7Z3sdgM. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[xx.your-storagebox.de]:23,[116.202.54.208]:23' (ED25519) to the list of known hosts. PTY allocation request failed on channel 0 +-------------------------------------------------------------------------------+ | Your authentication works but we do not support interactive logins. | | For more information on how to access your Storage Box please check our Docs: | | https://docs.hetzner.com/robot/storage-box/access/access-ssh-rsync-borg | +-------------------------------------------------------------------------------+ Connection to xx.your-storagebox.de closed.
Nice, so the hetzner setup works.
Now, for Cloudron side:
The key part is that the Remote Directory is
/home
. That took a bit of diving into their docs but I finally found that it was/home
from the output at https://docs.hetzner.com/robot/storage-box/access/access-ssh-rsync-borg/#sftp - I generated OpenSSH keys using
-
@girish I mean, what can I say, other than a big THANK YOU. I'm sorry I missed the "/home" as being the root remote directory with sftp and you had to go through the bother of trying it out by yourself. It's weird they don't make it that explicit. I actually went through their docs too and went through the same steps as you did so I knew the set-up was working which is why I resorted to this forum and to you guys as a last resources (I promise I try not to ask you for help until I've exhausted my own resources
).
Now it's successfully switched to SSHFS my fingers are crossed I won't have any more backup issues (still the backup failures with CIFS are a mastery...got exactly the same set-up on two other instances and it never fails - all on the same storage box, same VPS provider, same OS, etc.).
-
@avatar1024 No worries, it was good to test it out with our mounting code. I found that Hetzner CIFS is SMBv1 (atleast per dmesg output) which is a thing of the past. This is why CIFS mounting is not working/not reliable.
-
girish
-
Trying to connect a hetzner storagebox as Volume. I keep having the the error:
'Failed to mount (inactive): read: Connection reset by peer'I followed the guidline: https://docs.hetzner.com/robot/storage-box/backup-space-ssh-keys/#uploading-authorized_keys
- Hetzner Robot: SSH-Support enabled
- generated the key with oppenssh, uploaded the authorized_keys file.
- SFTP is working
Any idea?
-
@solarsimon are you able to manually mount this using a custom line in /etc/fstab or a sshfs mount command?
For reference in my Cloudron, which also uses Hetzner SSHFS for backups, the Cloudron generates the following systemd mount unit at
/etc/systemd/system/mnt-cloudronbackup.mount
:[Unit] Description=backup [Mount] What=u193526@u193526.your-storagebox.de:. Where=/mnt/cloudronbackup Options=allow_other,port=23,IdentityFile=/home/yellowtent/platformdata/sshfs/id_rsa_u193526.your-storagebox.de,StrictHostKeyChecking=no,reconnect Type=fuse.sshfs [Install] WantedBy=multi-user.target
-
@nebulon said in Cannot mount Hetzner storage box for backups using SSHFS:
using a custom line in /etc/fstab
From the basic knowlege i have, i tried doing that.
I followed some tutorials i found.
(https://ivan.reallusiondesign.com/mount-sshfs-volumes-in-fstab-with-ssh-key/ and https://www.bveml.net/de/news/hetzner-backup-space-inkrementelles-backup-mit-rsnapshot.html)- I added ssh key to /home/.ssh
- added fstap: sshfs#uxxxxx5@uxxxxxx5.your-storagebox.de:/home /mnt/backup/ fuse IdentityFile=/home/.ssh/id_rsa,uid=0,gid=0,users,idmap=user,noatime,allow_other,_netdev,reconnect,ro 0 0
- restarted the server
I find a folder mnt/backup/ without content. I placed some files in the storeagebox/home. No content in /media/
I'm a basic user coming from windows
Trying my best^^
-
@solarsimon what you did seems to be correct from a quick glance. So looks like this is independent of Cloudron as such. Maybe the permissions of the SSH key file is too open? The permissions should be
-rw-------
so can you for a start try to runchmod 600 /home/.ssh/id_rsa
?Further are there any logs in the system logs while attempting to mount? Once you have the
/etc/fstab
line, you can usemount /mnt/backup
andumount /mnt/backup
without having to reboot the server. Logs may be found injournalctl --system
-
I made a clean installation of cloudron on a ubuntu hetzner server.
After that I could mount the storage box with the procedure I tried before without problems.So I dont know what was wrong. But now everything working fine.
Thanks -
@girish
I tried this exact same setup. I was able to connect to the storage via SFTP and my SSH key and I copied my private SSH key as instructed to Cloudron.When I now try to save the backup settings using SSHFS it keeps working and never finishes. The log says
Jan 14 11:40:33 box:shell addMount spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/addmount.sh [Unit]\nDescription=backup\n\nRequires=unbound.service\nAfter=unbound.service\nBefore=docker.service\n\n\n[Mount]\nWhat=uxxxxx@uxxxxx.your-storagebox.de:/\nWhere=/mnt/cloudronbackup\nOptions=allow_other,port=23,IdentityFile=/home/yellowtent/platformdata/sshfs/id_rsa_uxxxxx.your-storagebox.de,StrictHostKeyChecking=no,reconnect\nType=fuse.sshfs\n\n[Install]\nWantedBy=multi-user.target\n\n 10 Jan 14 11:40:44 box:shell addMount (stdout): Failed to mount Jan 14 11:40:44 box:shell addMount code: 3, signal: null Jan 14 11:42:04 box:shell removeMount spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/rmmount.sh /mnt/cloudronbackup
Not sure what else I can try.
Edit: magically and waiting one night it works now.