[Samba] ssh tunnelling with putty

Brian Johnson bjohnson at johnson-engineering.ca
Wed Jun 16 03:20:28 GMT 2004

I am following http://www.aerospacesoftware.com/samba-ssh-tunnel-howto.htm and
others that I found that suggest that a drive can be mapped through a
tunnelled port 139 using putty if the File Sharing Network tool is

I can successfully tunnel port 25, but cannot map a drive through my port 139
tunnel and am trying to troubleshoot what might be going wrong

Jonathan Johnson (jon at sutinen.com) wrote:
> On Tue, 15 Jun 2004, Paul Krash wrote:
> > Hi Brian!
> >
> > Brian Johnson wrote:
> > > Could someone provide some help tunnelling a connection through a ssh pipe
> > > using putty on a windows 98 client to a samba server?
> >
> > OK, ssh goes through port 22, mapping a drive requires ports 137 and 139
> > (tcp and udp) to be open and routable by Windows RPC client.
> >
> > I would suggest configuring The Microsoft VPN adapter to attach to the
> > server, then map your drive to samba.
> >
> > You will have to have the VPN configured on the server (and both routers).
> >
> > I am assuming (ah!!!) that you are trying to reach the samba server from
> > outside the host network.
> >
> Of course, the point of tunnelling is to allow one to connect to a
> particular remote port (such as 137 and 139) when only ssh is
> available. This works by creating a listening port of your choice on
> the Windows machine, which PuTTY forwards via SSH to a remote machine
> of your choice.
> Where this breaks down for SMB is when you realize that there is
> already a listening service on ports 137 and 139: the windows server
> service (or whatever it's euivalent is in 9x -- file and printer
> sharing, I guess). That means that no matter how you try to connect to
> the remote machine, all you're gonna get is your own computer.
> Now, there may be a way around it: for your local port, specify
> something on the order of "". For your remote port,
> specify 137 on the remote IP address. This is sort of like the
> "loopback adapter" but (hopefully) Windows isn't already listening on
> that IP address to port 137. You may then be able to reach the remote
> computer by the address
> I haven't tried this, so your mileage may vary. But I think it's worth
> a shot. Now, you won't be able to browse the remote network, but maybe
> someone else knows a better way.
> --Jonathan Johnson
> jon at sutinen.com

More information about the samba mailing list