• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1666
  • Last Modified:

Mapping a network drive over SSH in Windows

Im trying to share a network drive over internet. Many has recomended to create trust relationship between domains and use VPN. However this sounds to be a bit complex and my two systems are runing on MS Small Business Server 2003 and there is also license limitations to do this. I have found some articles that this should be possible to do with SSH. My environmet is that I have one SBS2003 environment in city A and other SBS environment in city B. These environments want to share one common network drive together. If it helps I can setup third environment where is real Windows Server 2003 or 2008 (not SBS). Do someone has some basic introduction how to do this with SSH (or by someother way). Im not familar at all with SSH and I would like to be sure that this share what im building would be safe.
0
thaapavuori
Asked:
thaapavuori
  • 7
  • 6
1 Solution
 
dfxdeimosCommented:
Do you want the files to exist in SiteA or SiteB? Keep in mind that the files are going to be pulled across the wire to whatever site does not host them.
0
 
thaapavuoriAuthor Commented:
It doesnt matter they can exist in SiteA or in SiteB (they are my customers) or these files can stay in my own server and these SiteA and SiteB can use those files over internet.
0
 
thaapavuoriAuthor Commented:
There is not very much network trafic, these files will be basically just office and pdf files and there will be less than 50 users which are using them randomly.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
dfxdeimosCommented:
Probably the easiest way to do this would be to this would be to set up a share in SiteA, create a user account in the domain @ SiteA that is granted permission to access the shared folders, then forward ports 135-139 to the internal IP address of the server that is doing the sharing. Optionally you can set up a DNS entry to point to the external IP of SiteA

You can then (from SiteB) map the drive by going to \\ExternalIPAddressofSiteA\Share (or \\DNSNameForSiteA\Share) and connect by using the username and password you set up.
0
 
thaapavuoriAuthor Commented:
This sounds clever. Do you know some step by step article how to do this?
0
 
dfxdeimosCommented:
I couldn't find a guide but the steps are pretty straight forward.

1) Set up the share in the site you want to share the files from.

2) Set up a user in the domain that is sharing the files that the other users will use to connect to the share.

3) Grant share and NTFS permission to the shared folder for the user you just set up.

4) Log into your router and forward ports 135 - 139 (TCP and UDP) and 445 (TCP and UDP) to the internal IP address of the server that is sharing the files.

5) Figure out the EXTERNAL IP address of the site that is sharing the files.

6) At the site that you want to download the files to you should then be able to map a drive to \\IPAddressFromPreviousStep\ShareName

You can do all of these steps one at a time without affecting anything on your network so if you want to just walk through it and post results / problems back here I can help walk through it.
0
 
thaapavuoriAuthor Commented:
sounds simple. can i use private IP address and just make NAT from firewall to this private IP? Why I need to forward 445 SSL port? How about SSH, when I should install it and how i should configure it (or am i out?)?
0
 
dfxdeimosCommented:
Yes, you can set it up that way. You just have to make sure that those ports get forwarded to the machine that is hosting the share.

443 is the default SSL port. 445 is used for NetBIOS name resolution. It may not be necessary, but it is listed as one of the ports used by Windows File Sharing.

My solution doesn't use SSH, you would just connect to the share (from the other site) by navigating to \\External IP Address\Share name.
0
 
thaapavuoriAuthor Commented:
sorry i mixed those port numbers. so in this way these files are not encrypted at all? there is no any simple way encrypt them?
0
 
dfxdeimosCommented:
There is no simple way (that I know of) to encrypt the files if you use this method. The only protection is restricting access to them based upon the username and password that you set up for file access.

If you require encryption then you may have to go with a different solution.
0
 
thaapavuoriAuthor Commented:
ok... in this case user name and password are also transferred just blank text? You dont propaply have solution how to enrypt those files...?
0
 
dfxdeimosCommented:
I am not 100% sure, but I do not believe the passwords are sent in clear text since it using the Windows authentication mechanism... I could be wrong however. You could install wireshark after you had it set up and sniff the packets to find out.

The other option is to create a secure VPN tunnel between sites and connect the file share that way.
0
 
dfxdeimosCommented:
If it doesn't work out as you planned just open up a new Question and alert me by e-mailing to:

richard <AT> r3portfolio <DOT> com
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now