Solved

Mapping a network drive over SSH in Windows

Posted on 2008-10-28
13
1,656 Views
Last Modified: 2012-05-05
Im trying to share a network drive over internet. Many has recomended to create trust relationship between domains and use VPN. However this sounds to be a bit complex and my two systems are runing on MS Small Business Server 2003 and there is also license limitations to do this. I have found some articles that this should be possible to do with SSH. My environmet is that I have one SBS2003 environment in city A and other SBS environment in city B. These environments want to share one common network drive together. If it helps I can setup third environment where is real Windows Server 2003 or 2008 (not SBS). Do someone has some basic introduction how to do this with SSH (or by someother way). Im not familar at all with SSH and I would like to be sure that this share what im building would be safe.
0
Comment
Question by:thaapavuori
  • 7
  • 6
13 Comments
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22826175
Do you want the files to exist in SiteA or SiteB? Keep in mind that the files are going to be pulled across the wire to whatever site does not host them.
0
 

Author Comment

by:thaapavuori
ID: 22826234
It doesnt matter they can exist in SiteA or in SiteB (they are my customers) or these files can stay in my own server and these SiteA and SiteB can use those files over internet.
0
 

Author Comment

by:thaapavuori
ID: 22826252
There is not very much network trafic, these files will be basically just office and pdf files and there will be less than 50 users which are using them randomly.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22826398
Probably the easiest way to do this would be to this would be to set up a share in SiteA, create a user account in the domain @ SiteA that is granted permission to access the shared folders, then forward ports 135-139 to the internal IP address of the server that is doing the sharing. Optionally you can set up a DNS entry to point to the external IP of SiteA

You can then (from SiteB) map the drive by going to \\ExternalIPAddressofSiteA\Share (or \\DNSNameForSiteA\Share) and connect by using the username and password you set up.
0
 

Author Comment

by:thaapavuori
ID: 22828765
This sounds clever. Do you know some step by step article how to do this?
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22833615
I couldn't find a guide but the steps are pretty straight forward.

1) Set up the share in the site you want to share the files from.

2) Set up a user in the domain that is sharing the files that the other users will use to connect to the share.

3) Grant share and NTFS permission to the shared folder for the user you just set up.

4) Log into your router and forward ports 135 - 139 (TCP and UDP) and 445 (TCP and UDP) to the internal IP address of the server that is sharing the files.

5) Figure out the EXTERNAL IP address of the site that is sharing the files.

6) At the site that you want to download the files to you should then be able to map a drive to \\IPAddressFromPreviousStep\ShareName

You can do all of these steps one at a time without affecting anything on your network so if you want to just walk through it and post results / problems back here I can help walk through it.
0
 

Author Comment

by:thaapavuori
ID: 22833957
sounds simple. can i use private IP address and just make NAT from firewall to this private IP? Why I need to forward 445 SSL port? How about SSH, when I should install it and how i should configure it (or am i out?)?
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22834025
Yes, you can set it up that way. You just have to make sure that those ports get forwarded to the machine that is hosting the share.

443 is the default SSL port. 445 is used for NetBIOS name resolution. It may not be necessary, but it is listed as one of the ports used by Windows File Sharing.

My solution doesn't use SSH, you would just connect to the share (from the other site) by navigating to \\External IP Address\Share name.
0
 

Author Comment

by:thaapavuori
ID: 22834075
sorry i mixed those port numbers. so in this way these files are not encrypted at all? there is no any simple way encrypt them?
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22834094
There is no simple way (that I know of) to encrypt the files if you use this method. The only protection is restricting access to them based upon the username and password that you set up for file access.

If you require encryption then you may have to go with a different solution.
0
 

Author Comment

by:thaapavuori
ID: 22834150
ok... in this case user name and password are also transferred just blank text? You dont propaply have solution how to enrypt those files...?
0
 
LVL 14

Accepted Solution

by:
dfxdeimos earned 500 total points
ID: 22834347
I am not 100% sure, but I do not believe the passwords are sent in clear text since it using the Windows authentication mechanism... I could be wrong however. You could install wireshark after you had it set up and sniff the packets to find out.

The other option is to create a secure VPN tunnel between sites and connect the file share that way.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22834454
If it doesn't work out as you planned just open up a new Question and alert me by e-mailing to:

richard <AT> r3portfolio <DOT> com
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need to open a hard disk on a Mac 16 131
File Server Migration from 2003 to 2008R2 3 74
Regarding SecurityCRT issue 5 46
how can i gnupg encrypt a PDF document? 12 62
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question