login about faq

Could you provide us with instructions on how to tunnel SMB via SSH?

asked Dec 29 '10 at 20:01

SSH%20KB's gravatar image

SSH KB ♦
509249246237


SSH Tectia Client can be used for establishing an encrypted tunnel between two hosts for forwarding NetBIOS traffic between the hosts. This KB item describes the actions needed for using remote SMB resources through a tunnel. Most of the configuration steps are done on the client side. Ensure that the SSH Tectia Server allows TCP forwarding (tunneling) in it's configuration. Make sure that binding to a given TCP port number (139) is allowed on the destination host.

Client Side Configuration Steps

  1. File and printer sharing needs to be removed from the client machine because otherwise the TCP port 139 used for file sharing will be reserved locally by Windows and the tunnel cannot be created. Note that the file and printer sharing service needs to be removed. Just disabling the service by un-checking the box will keep the TCP port 139 still reserved and a tunnel cannot be created.
  1. Select Start > Settings > Network and Dial-up Connections > your_connection > Properties
  2. Select 'File and Printer Sharing for Microsoft Networks' and click 'Uninstall'
  1. NetBIOS over TCP/IP is the session-layer network service that performs name-to-IP address mapping for name resolution and needs to be enabled for tunneled connections. Also LMHOSTS lookup needs to be enabled.
  1. Select Start > Settings > Network and Dial-up Connections > your_connection > Properties
  2. Select Internet Protocol (TCP/IP) - Properties
  3. Click 'Advanced...'
  4. Go to the WINS tab and select 'Enable NetBIOS over TCP' If you wish to define the servers in LMHOSTS file (Step 3), also make sure that LMHOSTS lookup is enabled.
  5. Reload the LMHOSTS file by issuing the following command in command prompt: nbtstat -R
  1. Create appropriate entries for tunnel destination servers in C:\WINNT\system32\drivers\etc\lmhosts. In the following example samba1 and samba2 are the tunnel destination servers that share their resources. By creating the lmhosts entries it is possible to connect to the correct server with the server's name after the corresponding tunnel is set up. Do not use #PRE or #DOM for tunneled hosts.

-- Example: lmhosts 127.0.0.1 localhost 127.0.0.1 samba1

127.0.0.1 samba2

  1. Define the tunnel

On the command line client:

ssh2 -L 139:localhost:139 samba1

or on the GUI client:

Display Name:       SMB
Type:           TCP
Listen port:        139
Destination Host:   localhost
Destination Port:   139
  1. Connecting to the shares:
  1. Open the ssh connection with a local tunnel for port 139 to the destination server.
  2. Start Microsoft Windows Explorer/map a drive/issue a net use -command in the command prompt.
  3. Connect to the share as follows: \\samba1\share The share will appear in the Microsoft Windows Explorer window or as the assigned drive letter.

Note that only one tunnel can be in place for the TCP port 139 at a time, so when connecting to another server you will need to close the active tunnel and open a new connection to the correct destination server.

link

answered Dec 29 '10 at 20:01

SSH%20KB's gravatar image

SSH KB ♦
509249246237

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×1

Asked: Dec 29 '10 at 20:01

Seen: 1,624 times

Last updated: Mar 10 '11 at 04:22

Related questions

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.