Secure internet connection to home Samba with PuTTY

At home, I have a small network with a Samba server. On my Windows XP notebook, I have a few drive mappings to this server. I guess lots of people have some kind of file server at home nowadays.

Did you ever need a file that lived on a Samba share on your home network while you were out (work, school, customer site, whatever)? I do. Regularly. Maybe it’s just my fault and I should think more thoroughly about which files to take with me on my USB stick. Anyway, I found a way to use my drive mappings transparently at home and anywhere else by simply using PuTTY and an SSH connection to the server.

Samba uses TCP/IP port 139. You could open up that port to the internet, but it would mean an extra security risk. Besides, lots of ISPs block this port because of many known attacks (e.g. the Sasser worm). It would be more secure to only expose SSH to the internet and still be able to use your Samba shares at home.

To do that, we need four steps: install a loopback network adapter, configure it, create an LMHOSTS file and create the SSH tunnel in PuTTY. This walkthrough is mostly inspired by an old email message on the Samba mailing list.

Install a loopback network adapter

A loopback network adapter is kind of a “virtual network adapter”: it acts as a normal network adapter, but you don’t have to install any physical hardware to use it. It is only usable on the PC it’s installed on (other PCs can’t connect to it).

  1. Go to Control Panel - Add Hardware
  2. Click Next, then wait a while, choose “Yes, I have already connected to the hardware” and Next again.
  3. Choose the last option, “Add a new hardware device”, click Next.
  4. Choose “Install the hardware that I manually select from a list (Advanced)”, click Next.
  5. Choose “Network adapters”, click Next.
  6. Choose Microsoft, “Microsoft Loopback Adapter”, click Next and Next again.
  7. Click Finish.

Configure the Microsoft Loopback Adapter

Since the loopback adapter won’t have a DHCP server to ask for an IP address, we need to configure an IP address manually.

  1. Right click on “My Network Places” (on your desktop or in your Start Menu), click Properties.
  2. Find the network connection that is associated with the “Microsoft Loopback Adapter”. Usually it’s called “Local Area Connection 2”. For clarity, I renamed mine to “Loopback” (what’s in a name?). Right click the connection name, click Rename and change it.
  3. Right click the Loopback connection, click Properties.
  4. On the General tab: disable “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” (only untick the checkboxes, DO NOT uninstall!).
  5. Click “Internet Protocol (TCP/IP)” and click Properties.
  6. On the General tab: click “Use the following IP address” and pick a private IP address on an unused subnet (I used 192.168.100.100 with subnet mask 255.255.255.0).
  7. Click Advanced.
  8. On the WINS tab: click “Disable NetBIOS over TCP/IP”, then click OK and again OK.
  9. Click Close.

Create or edit the LMHOSTS file

  1. Open the file “C:\WINDOWS\system32\drivers\etc\lmhosts” (create it if it doesn’t exist - note that the file should have no file extension).
  2. Add the following line to the end of the file:
    192.168.100.100 servernamehere
  3. Save and close.

Configure PuTTY

At last, we have to tell PuTTY to create an SSH tunnel from the loopback connection to our home server. I assume you already have a PuTTY saved session to connect to your home server.

  1. Open PuTTY, click your saved session and click Load.
  2. Go to Connection - SSH - Tunnels.
  3. In Source port, type “192.168.100.100:139” (I know, the field is quite small, but it will accept the value anyway).
  4. In Destination, type “localhost:139”.
  5. Click Add, and do not forget to resave your saved connection!

To confirm that everything is working, connect to your home server with the saved session in PuTTY. Click Start - Run and enter “\\servernamehere\sharenamehere”. Depending on your Samba setup, you may have to enter a username and password. Done!
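To check that the share traffic really goes through the SSH tunnel, the following added example (not part of the original post) parses `netstat -an` output from the notebook and reports anything that does not match the setup above. The sample output, the notebook address 10.0.0.23 and the server address 203.0.113.10 are constructed placeholders.

```python
import re

# Constructed sample of `netstat -an` output on the notebook while the PuTTY
# session is open. 203.0.113.10 is a placeholder for the home server's address.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.100.100:139    0.0.0.0:0              LISTENING
  TCP    10.0.0.23:1045         203.0.113.10:22        ESTABLISHED
  TCP    192.168.100.100:1050   192.168.100.100:139    ESTABLISHED
  UDP    10.0.0.23:137          *:*
"""

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")

def parse_tcp(netstat_text):
    """Return (local_ip, local_port, remote_ip, remote_port, state) tuples."""
    rows = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if m:
            lip, lport, rip, rport, state = m.groups()
            rows.append((lip, int(lport), rip, int(rport), state))
    return rows

def check_tunnel(netstat_text, loopback_ip, server_ip):
    """Return a list of problems; an empty list means the setup looks right."""
    rows = parse_tcp(netstat_text)
    problems = []
    listeners = {lip for lip, lport, _, _, st in rows
                 if lport == 139 and st == "LISTENING"}
    if loopback_ip not in listeners:
        problems.append("no listener on %s:139 (tunnel not up, or NetBIOS "
                        "still holds the port)" % loopback_ip)
    if "0.0.0.0" in listeners:
        problems.append("port 139 listens on all interfaces, not only the loopback adapter")
    to_server = {rport for _, _, rip, rport, st in rows
                 if rip == server_ip and st == "ESTABLISHED"}
    if 22 not in to_server:
        problems.append("no established SSH connection to %s" % server_ip)
    for port in sorted(to_server - {22}):
        problems.append("direct connection to %s:%d bypasses the tunnel" % (server_ip, port))
    return problems

if __name__ == "__main__":
    print(check_tunnel(SAMPLE_NETSTAT, "192.168.100.100", "203.0.113.10") or "tunnel looks OK")
```

To use it on a real machine, replace the sample text with the output of `netstat -an` captured while the PuTTY session is open and pass your own server address.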

Background information a.k.a. Frequently Asked Questions

Why do I have to install an extra loopback adapter? Can’t I use the adapter that’s already in my PC?

Yes, in fact you could use the adapter that’s already in your PC. But… you would still have to disable the Client for Microsoft Networks and File and Printer Sharing. That means you won’t be able to use any other shares besides your home shares. Not very practical. An extra adapter allows you to have Microsoft Networking enabled on your normal network connection and use your home shares simultaneously with other (work, school, …) shares.

Do I really need the LMHOSTS file?

No, you don’t. You could refer to the IP address as well (e.g. connect to “\\192.168.100.100\sharenamehere”). But I wanted the solution to be transparent, whether I’m at home or not. If I use “\\servernamehere\sharenamehere” at home, then I want to use it anywhere else as well (or else I have to remember too many things). That’s what the LMHOSTS file is for.

Happy Samba-PuTTY-tunneling!


2 Responses to “Secure internet connection to home Samba with PuTTY”

  1. Thanks for the tutorial. However, I’m unsure if I’m actually tunneling over SSH or not. Is there a way to verify this?

    Thanks,
    JJ

  2. You could use “netstat -a” on the Windows box to verify that the only connection to the Samba-server is on port 22 (SSH).
