Ian Malone wrote:
On 24/11/06, Jeffrey Ross <jeff@xxxxxxxxxx> wrote:
I know I can set up an SSH tunnel and proxy my traffic through the
tunnel, either by using specific predetermined ports or by using the -D
option so it works like a socks proxy.
My question is, can I pass NFS or SaMBa traffic via an SSH tunnel as
well? Performance via the tunnel is not a priority.
Samba yes, port 139(*), the host you are tunneling from will need
to be allowed to access the share. NFS, don't know.
(*) Can be tunnelled from a Windows machine if you:
1. Install a loopback interface on 10.0.0.x (**)
2. Do the forwarding from 10.0.0.x:139 to the server port 139
3. Point windows at the share on 10.0.0.x:139
(**) Apparently there's some issue with 127.0.0.x loopbacks,
but I've never investigated.
Maybe I should have included a wonderful ASCII diagram so you can see
how everything is laid out as the example you provided I think only
allows between the two ssh endpoints.
Here is my pitiful ascii diagram:
Private (10.x.x.x/8 addressing)
|
v-public address v /--(smb fileservers)
(HostA)------(FW)--internet---(FW)---------------(HostB)
^ ^-public address
|
(private 172.16.x.x/20 addressing)
I need (want?) host A to be able mount filesystems from any of the smb
fileservers. Host B has both NFS and Samba loaded and can mount smb
filesystems from the smb fileservers today.
Also Host B's address space is in the 10 net, obviously I can choose
another address range for a loopback, but I've never seen anything other
than 127.0.0.1 as a loopback on a unix machine and changing it will
surely break something. Can I create loopback1? I've never tried....
The SSH tunnel is between the two unix machines (Host A and Host B) only
with the windoZe machine behind the unix machine terminating the ssh tunnel.
I have found sshfs and I'm in the process of reviewing it to see if it
can do what I want.
Jeff