Re: Tunnelling SMB over SSH or SSL

From: Jason Reeves (notr00t@yahoo.com)
Date: 11/05/01 

Message-ID: <20011105021420.98215.qmail@web20204.mail.yahoo.com>
Date: Sun, 4 Nov 2001 18:14:20 -0800 (PST)
From: Jason Reeves <notr00t@yahoo.com>
Subject: Re: Tunnelling SMB over SSH or SSL
To: focus-ms@securityfocus.com

> Can anyone recommend another solution to have encrypted, secure file
> sharing between Windows machines and UNIX (specifically OpenBSD)?

I've been looking into this problem recently myself and you might be
able to use my information.

There is a port of openssh for windows. It's a console util that works
just like it's *nix cousin, and it can handle tunneling. Example:

ssh -L 137:files.domain.com:137
ssh -L 138:files.domain.com:138
ssh -L 139:files.domain.com:139

The Windows port of openssh can be found here:
http://www.networksimplicity.com/openssh/

As for older OSs that have to have UDP to do things like browsing,
etc., there's a way to handle that as well. Netcat will happily pipe
UDP packets into a TCP stream:

#client side
ssh -L 9137:files.domain.com:9137
ssh -L 9138:files.domain.com:9138
ssh -L 9139:files.domain.com:9139

nc -l -u -p 137 | nc localhost 9137
nc -l -u -p 138 | nc localhost 9138
nc -l -u -p 139 | nc localhost 9139

#server side
nc -l -p 9137 | nc localhost -u 137
nc -l -p 9138 | nc localhost -u 138
nc -l -p 9139 | nc localhost -u 139

I'm not sure if you'll need to install the Cygwin bash port in order
for Windows to handle the piping properly, or if the Windows port of
Netcat will handle that for you. By the way, Netcat for Windows is
here: http://www.atstake.com/research/tools/.

I haven't tested this, but I believe the theory behind this is sound.

Hope this helps!

__________________________________________________
Do You Yahoo!?
Find a job, post your resume.
http://careers.yahoo.com

Relevant Pages

  • Re: OpenSSH, Telnet, Windows Authentication and double-hops
    ... >> ssh -L) ... JM> in seperate DOS console windows in this order: ... I'm using the 3.8 version of OpenSSH. ... >> Kerberos ticket, or your password in order to acquire one. ...
    (comp.security.ssh)
  • Re: OpenSSH, Telnet, Windows Authentication and double-hops
    ... >> ssh -L) ... JM> in seperate DOS console windows in this order: ... >> Kerberos ticket, or your password in order to acquire one. ... JM> We're focusing on the OpenSSH for Windows distribution. ...
    (comp.security.ssh)
  • RE: Tunnelling SMB over SSH or SSL
    ... Tunnelling SMB over SSH or SSL ... It is it possible to get Windows 2000 to tunnel SMB over SSH or SSL? ...
    (Focus-Microsoft)
  • Re: FC6 VPN
    ... Then you can run any application you would like off the server by simply running it, or if you want to run a whole session, use gnomesession. ... ssh client that supports X forwarding, which is want you want to be looking at. ... SSH allows you to forward any local port to any remote port. ... If you need to connect to, say a windows share, you would forward your local port to the linux server through the ssh tunnel. ...
    (Fedora)
  • Re: OpenSSH, Telnet, Windows Authentication and double-hops
    ... deployment on a Windows network. ... Does this mean that you are setting SSH port forwarding ... does not provide the other side with either a Kerberos ticket, ... We're focusing on the OpenSSH for Windows distribution. ...
    (comp.security.ssh)