[Samba] Samba/Windows XP and SSH tunnelling

Noel Kelly nkelly at citrusnetworks.net
Mon Feb 10 22:06:09 GMT 2003 

François

I am afraid you have reached the exact same conclusions that i did and from
what i could figure there was no way it would work becasue of the refusal of
2000/XP to load the loopback from lmhosts.

If you do figure it out then let me know!  It would certainly be very useful
but for the moment i am using Freeswan,

Cheers,
Noel

-----Original Message-----
From: François Mayrand [mailto:mayrf00 at hotmail.com]
Sent: 10 February 2003 20:30
To: Noel Kelly
Cc: samba at lists.samba.org
Subject: Re: [Samba] Samba/Windows XP and SSH tunnelling


Hi Noel,

Great! I'm glad to see you had the same problem caching the loopback on
Windows XP.
How did you solve this? Here is my setup info and the answers to your
questions.

My samba server's IP is 192.168.0.2
I have a firewall on the samba server blocking port 139. I want to block
this port and force my file transfers to go through the SSH tunnel.
I'm forwarding the local 139 port on the Windows box to the samba server's
port 139 with PuTTY:
    plink 192.168.0.2 -l username -L 139:192.168.0.2:139 -v
My lmhosts file contains: 127.0.0.1 SAMBASERVER #PRE
I flushed the cache and preloaded it with 'nbtstat -R'
I checked the cache with 'nbtstat -c' and the binding between 127.0.0.1 and
SAMBASERVER doesn't appear.

> Can the original poster tell me what happens when he tries to ping the
> remote hostname?

ping 192.168.0.2 --> It works

Does he get replies from 127.0.0.1?

net view 127.0.0.1 --> This shows my shares on my Windows XP box instead of
my shares on SAMBASERVER

If I change my lmhosts file to: 192.168.0.2 SAMBASERVER #PRE
I can load it into the NetBIOS cache without any problems but...
this doesn't solve the problem because when I run
'net view \\SAMBASERVER' I get an error 1234 (No service at port 139).
This is because of my firewall on the server that blocks connections to port
139.
In this configuration the Windows box is trying to connect directly to port
139 on
the Samba box.

That's the whole point of this exercise. I don't want to connect directly to
port 139 on the server, I want it to go through the SSH tunnel.

Thanks,

François

----- Original Message -----
From: "Noel Kelly" <nkelly at citrusnetworks.net>
To: <chris at devidal.tv>; "Jon Niehof" <jniehof at paladigm.com>; "'François
Mayrand'" <mayrf00 at hotmail.com>
Cc: <samba at lists.samba.org>
Sent: Monday, February 10, 2003 2:24 PM
Subject: RE: [Samba] Samba/Windows XP and SSH tunnelling


> You cannot forward UDP using SSH.  This is why the hack to set the remote
> server's Netbios name to 127.0.0.1 using lmhosts is used.
>
> I tried this before and it seems that Windows 2000/XP refuse to load the
> loopback address as a valid netbios destination IP.
>
> Can the original poster tell me what happens when he tries to ping the
> remote hostname?  Does he get replies from 127.0.0.1?  Or does it just not
> resolve and using 'nbtstat -c' shows no evidence of it being loaded from
the
> lmhosts?  I suspect the latter - try changing the entry in lmhosts to
> something other than the loopback and then do a 'nbtstat -R' to flush the
> cache.  An 'nbtstat -c' will then show it listed in the cache.
>
> HTH
> Noel

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 27/01/2003
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 27/01/2003

More information about the samba mailing list