PDA

View Full Version : Tunneling windows shares over SSH



Ripdog
10-07-2008, 03:23 PM
I need to set up a windows share to allow access by simply connecting over SSH for a sync program, but have been unable to find out how to. Several hours of googling and experimenting has lead to nothing but a simple standard SSH connection, as all the tutorials on the web are based on linux/mac samba tunneling, and are thus less then useful in this circumstance.

Does anyone here know of a nice tutorial of how to do this?

dyewitness
10-07-2008, 03:41 PM
It was a while ago when a was on a project that did this.

We used "Windows Services for UNIX" on the Windows box:
http://technet.microsoft.com/en-us/interopmigration/bb380242.aspx

I think it was pretty much just a case of having the windows share setup as a nfs share, then you could mount that share and do what you wish from the *nix machines.

Ripdog
12-07-2008, 06:39 PM
Unfortunately no Unix computers are involved here, and I am unsure if the software I am using will function correctly with an NFS share. Tunneling a normal SMB share must be possible, there must be someone out there who can help.
Thanks anyway, dyewitness.

Erayd
13-07-2008, 03:10 AM
You should be able to tunnel it to an ip somewhere in the localhost subnet (which encompasses all of 127.0.0.0/8, note that you *cannot* use 127.0.0.1!). Something like this should do the trick:
putty.exe -L 127.0.1.1:139:127.0.0.1:139Note that you probably will need to forward more than just port 139 (I think at least one more) - I can't remember the other SMB ports off the top of my head.

Provided you do this correctly, the remote computer can then be accessed at 127.0.1.1 as if you were browsing any other normal computer on the network.

Note that while this *should* work on Windows, I make no promises - I have only tested it on Linux. The only reason this would fail on Windows is if Microsoft have not implemented their TCP/IP stack correctly, or if SMB is bound to all IP addresses in the localhost range. You may need to do a few weird things to your firewall to allow this though - if you run into trouble, try disabling it completely until you get things working.

If SMB binds to all IPs, then you will never be able to do this without first completely disabling the local filesharing services.