How to mount smb over ssh tunnel to host?

Saburouta Mishima
Saburouta Mishima used Ask the Experts™
I have tunneled mixed linux and windows clients to a 'within-firewall client' (that could access the share's host) before, so I know that that, at least, is possible.

But what about tunneling directly from the client to the host of the network share?

Can I have samba listen on port, say, 5559 (just an example), and only accept connections from localhost, and tunnel a client's 5559 to that host - so that the client appears to be connecting from host's localhost? I can't figure out how to set it up. So far, I have samba configured:

hosts allow = ::1 lo
interfaces = lo
bind interfaces only = yes
And I'm tunneling from the host:

ssh -R 5559:localhost:5559 shrusr@shrhost -Nf
However, if samba is already running, than TCP forwarding fails. If the tunnel is already running, than samba cannot start. Is what I'm trying to accomplish possible? Is there some other way to do it?

It seems like it should work - I can even netcat myself files across that ssh tunnel. So, netcat has no problem listening to the same port as ssh. Only smbd refuses, and also blocks ssh from that port if started first.

Any advice would be appreciated.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017

the difficulty you when mapping a an SMB share, I am uncertain you can direct the requests to flow to a port other than expected, you could setup a you need an SSL or IPSEC vpn that .. a socks proxy, but not sure whether you could ...

you could try creating a tunnel localhost:5559 to the remotehost:445
but the issue is how to use/specif in the mapping \\localhost:5559\sharename.

The issue I think is a functional one. Have you looked at SSL VPN or ipsec VPN
in a maner of speaking you need a clear path to the destination port 445
\\someip\someshare that will traverse the tunnel.

After some thinking, perhaps someone already needed this particular setup and .....

see if this helps you.


I tried adapting the concepts from the link to doing it with Windows and Putty. No luck. Since that link is about a fairly automatic setup, it's actually not all that useful.
murugesandinsSenior Manager Shell_script Automation /bin/bash /bin/bash.exe /bin/ksh /bin/mksh.exe AIX C C++ CYGWIN_NT HP-UX Linux MINGW32 MINGW64 SunOS Windows_NT

Writing the comment for
closing this question (last comment on 2017-11-12)
which will be performed if inactive more than 14 days.
This cannot be done. SSH tunnels over TCP and is therefore unable to correctly route all cifs traffic.

I will move on to trying to use OpenVPN instead of SSH.


This cannot be done.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial