FTP로 접속한 디렉토리를 마운트하여 네트워크 드라이브처럼 사용하는 방법입니다.
예를들어 로컬디스크 공간이 부족한경우… 별도에 FTP 저장소가 있다면 마운트걸어 백업한 데이타를 바로 넘겨 디스크공간을 좀더 효율적으로 사용할수 있습니다.
테스트 환경은 Ubuntu 14.04 에서 진행하였으며 CentOS/RHEL 계열에서도 설치가능합니다.
:: 패키지 설치 – curlftpfs
# apt-get install curlftpfs
:: 마운트 포인트 지정
# mkdir /ftp_dir_mount
:: 마운트
본문에서 사용할 FTP 접속정보는 아래와 같습니다.
– FTP 서버 : 192.168.30.193
– 아이디 : smileserv
– 패스워드 : idchowto.com
명령어 형식은 아래와 같습니다.
curlftpfs -o allow_other [아이디]:[패스워드]@[FTP 서버] [마운트 포인트]
# curlftpfs -o allow_other smileserv:idchowto.com@192.168.30.193 /ftp_dir_mount
마운트를 하게되면 아래 첨부한 이미지처럼 아이디와 패스워드가 그대로 노출하게 됩니다. 그렇다면….. 아이디 패스워드를 노출없이 하려면 어떻게 ???
FTP 접속 아이디 / 패스워드를 .netrc 파일로 관리하는 방법입니다.
이 방법 역시 파일내에 아이디와 패스워드가 그대로 노출되는 문제는 있지만 그냥 TIP 정도로만 소개하겠습니다.
.netrc 파일은 접속자 정보 환경설정 파일로 리눅스에서 아이디와 패스워드를 사용자 디렉토리내에 .netrc 파일을 통해 관리할수 있습니다.
.netrc 파일에 대한 자세한 설명은 링크 클릭해서 참고하세요.
https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
# touch /root/.netrc
# chmod 600 /root/.netrc
# cat /root/.netrc
machine 192.168.30.193
login smileserv
password idchowto.com
# curlftpfs -o allow_other 192.168.30.193 /ftp_dir_mount
마운트지점에 아이디, 패스워드 정보가 사라진게 눈에 보이죠…
디테일한 옵션은 아래 help 긁어다 옮겨 놓습니다.
# curlftpfs –help
usage: curlftpfs <ftphost> <mountpoint>
CurlFtpFS options:
-o opt,[opt…] ftp options
-v –verbose make libcurl print verbose debug
-h –help print help
-V –version print version
FTP options:
ftpfs_debug print some debugging information
transform_symlinks prepend mountpoint to absolute symlink targets
disable_epsv use PASV, without trying EPSV first (default)
enable_epsv try EPSV before reverting to PASV
skip_pasv_ip skip the IP address for PASV
ftp_port=STR use PORT with address instead of PASV
disable_eprt use PORT, without trying EPRT first
ftp_method [multicwd/singlecwd] Control CWD usage
custom_list=STR Command used to list files. Defaults to “LIST -a”
tcp_nodelay use the TCP_NODELAY option
connect_timeout=N maximum time allowed for connection in seconds
ssl enable SSL/TLS for both control and data connections
ssl_control enable SSL/TLS only for control connection
ssl_try try SSL/TLS first but connect anyway
no_verify_hostname does not verify the hostname (SSL)
no_verify_peer does not verify the peer (SSL)
cert=STR client certificate file (SSL)
cert_type=STR certificate file type (DER/PEM/ENG) (SSL)
key=STR private key file name (SSL)
key_type=STR private key file type (DER/PEM/ENG) (SSL)
pass=STR pass phrase for the private key (SSL)
engine=STR crypto engine to use (SSL)
cacert=STR file with CA certificates to verify the peer (SSL)
capath=STR CA directory to verify peer against (SSL)
ciphers=STR SSL ciphers to use (SSL)
interface=STR specify network interface/address to use
krb4=STR enable krb4 with specified security level
proxy=STR use host:port HTTP proxy
proxytunnel operate through a HTTP proxy tunnel (using CONNECT)
proxy_anyauth pick “any” proxy authentication method
proxy_basic use Basic authentication on the proxy
proxy_digest use Digest authentication on the proxy
proxy_ntlm use NTLM authentication on the proxy
httpproxy use a HTTP proxy (default)
socks4 use a SOCKS4 proxy
socks5 use a SOCKS5 proxy
user=STR set server user and password
proxy_user=STR set proxy user and password
tlsv1 use TLSv1 (SSL)
sslv3 use SSLv3 (SSL)
ipv4 resolve name to IPv4 address
ipv6 resolve name to IPv6 address
utf8 try to transfer file list with utf-8 encoding
codepage=STR set the codepage the server uses
iocharset=STR set the charset used by the client
CurlFtpFS cache options:
cache=yes|no enable/disable cache (default: yes)
cache_timeout=SECS set timeout for stat, dir, link at once
default is 10 seconds
cache_stat_timeout=SECS set stat timeout
cache_dir_timeout=SECS set dir timeout
cache_link_timeout=SECS set link timeout
FUSE options:
-d -o debug enable debug output (implies -f)
-f foreground operation
-s disable multi-threaded operation
-o allow_other allow access to other users
-o allow_root allow access to root
-o auto_unmount auto unmount on process termination
-o nonempty allow mounts over non-empty file/dir
-o default_permissions enable permission checking by kernel
-o fsname=NAME set filesystem name
-o subtype=NAME set filesystem type
-o large_read issue large read requests (2.4 only)
-o max_read=N set maximum size of read requests
-o hard_remove immediate removal (don’t hide files)
-o use_ino let filesystem set inode numbers
-o readdir_ino try to fill in d_ino in readdir
-o direct_io use direct I/O
-o kernel_cache cache files in kernel
-o [no]auto_cache enable caching based on modification times (off)
-o umask=M set file permissions (octal)
-o uid=N set file owner
-o gid=N set file group
-o entry_timeout=T cache timeout for names (1.0s)
-o negative_timeout=T cache timeout for deleted names (0.0s)
-o attr_timeout=T cache timeout for attributes (1.0s)
-o ac_attr_timeout=T auto cache timeout for attributes (attr_timeout)
-o noforget never forget cached inodes
-o remember=T remember cached inodes for T seconds (0s)
-o intr allow requests to be interrupted
-o intr_signal=NUM signal to send on interrupt (10)
-o modules=M1[:M2…] names of modules to push onto filesystem stack
-o max_write=N set maximum size of write requests
-o max_readahead=N set maximum readahead
-o max_background=N set number of maximum background requests
-o congestion_threshold=N set kernel’s congestion threshold
-o async_read perform reads asynchronously (default)
-o sync_read perform reads synchronously
-o atomic_o_trunc enable atomic open+truncate support
-o big_writes enable larger than 4kB writes
-o no_remote_lock disable remote file locking
-o no_remote_flock disable remote file locking (BSD)
-o no_remote_posix_lock disable remove file locking (POSIX)
-o [no_]splice_write use splice to write to the fuse device
-o [no_]splice_move move data while splicing to the fuse device
-o [no_]splice_read use splice to read from the fuse device
Module options:
[iconv]
-o from_code=CHARSET original encoding of file names (default: UTF-8)
-o to_code=CHARSET new encoding of the file names (default: UTF-8)
[subdir]
-o subdir=DIR prepend this directory to all paths (mandatory)
-o [no]rellinks transform absolute symlinks to relative