[Samba] ssh tunnelling with putty

[Brian Johnson]

A number of VPN solutions do not work for win98 clients (including openvpn)

Although winscp is a working option, I am trying to determine if a secure
method is available to use the windows explorer interface like a normal samba
share



Tim Tait (t.tait at comcast.net) wrote:
>
> Jonathan Johnson wrote:
>
> >On Tue, 15 Jun 2004, Paul Krash wrote:
> >
> >
> >
> >>Hi Brian!
> >>
> >>Brian Johnson wrote:
> >>
> >>
> >>>Could someone provide some help tunnelling a connection through a ssh pipe
> >>>using putty on a windows 98 client to a samba server?
> >>>
> >>>
> >>OK, ssh goes through port 22, mapping a drive requires ports 137 and 139
> >>(tcp and udp) to be open and routable by Windows RPC client.
> >>
> >>I would suggest configuring The Microsoft VPN adapter to attach to the
> >>server, then map your drive to samba.
> >>
> >>You will have to have the VPN configured on the server (and both routers).
> >>
> >>I am assuming (ah!!!) that you are trying to reach the samba server from
> >>outside the host network.
> >>
> >>
> >>
> >
> >Of course, the point of tunnelling is to allow one to connect to a
> >particular remote port (such as 137 and 139) when only ssh is
> >available. This works by creating a listening port of your choice on
> >the Windows machine, which PuTTY forwards via SSH to a remote machine
> >of your choice.
> >
> >Where this breaks down for SMB is when you realize that there is
> >already a listening service on ports 137 and 139: the windows server
> >service (or whatever it's euivalent is in 9x -- file and printer
> >sharing, I guess). That means that no matter how you try to connect to
> >the remote machine, all you're gonna get is your own computer.
> >
> >Now, there may be a way around it: for your local port, specify
> >something on the order of "127.0.0.5:137". For your remote port,
> >specify 137 on the remote IP address. This is sort of like the
> >"loopback adapter" but (hopefully) Windows isn't already listening on
> >that IP address to port 137. You may then be able to reach the remote
> >computer by the address 127.0.0.5.
> >
> >I haven't tried this, so your mileage may vary. But I think it's worth
> >a shot. Now, you won't be able to browse the remote network, but maybe
> >someone else knows a better way.
> >
> >--Jonathan Johnson
> >jon at sutinen.com
> >
> You could try a VPN that can pass thru ssh and has both Linux and
> Windows support, like OpenVPN or CIPE... I think you just need to
> forward one port, and it will appear on both machines to be a seperate
> ethernet adapter. If I remember right, OpenVPN will even pass thru an
> HTTP proxy, which ssh has built in.
>
> <http://openvpn.sourceforge.net/>
>
> Tim
>
>
>