How to Mount Rutgers Microsoft or Samba Fileserver Securely from Home for WindowsOS

By Hanz Makmur - LCSR Computing Facility Rutgers University

 

Last Modified: Feb 4, 2003

 

Scenario:

You have files sitting on Microsoft fileserver or Samba fileserver that can be accessed only from inside Rutgers. You want to be able to mount this fileserver shares securely on your home computer via your DSL or Cable modem service.

 

Solution:

This is can easily be done by setting up a secure (encrypted) tunnel via your unix account on a machine such as eden.rutgers.edu or rci.rutgers.edu and use that machine as a router to the fileserver that you would like to mount. The method we will be using is known as local port forwarding.

 

Software Requirement

-          For WindowsOS: WinSSH (ftp://ftp.cis.fed.gov/pub/ssh/ ) (Freeware)

 

Setup for home computer running Windows OS (98/ME/NT/2000/XP)

 

To setup your WindowsOS computer to acces windows fileserver at Rutgers, you should use the following steps:

  1. Download and Install WinSSH.
  2. Prepare your Windows Computer for local port forwarding
  3. Set up a Secure Tunnel to Your Fileserver
  4. Establish the Tunnel using WinSSH
  5. Mount the Fileserver securely.
  6. Unmounting Volume and Closing the Tunnel

 

A - Download and Install WinSSH.

 

WinSSH is available free for educational use at ftp://ftp.ssh.com/pub/ssh/. Download and install SSHSecureShellClient-x.yz.exe first. (where x.y.z denotes the latest available version.) Follow the installation instruction that come with WinSSH. After following the installation instruction, Secure Shell Client will be installed under the Start/Programs/SSH SecureShell/Secure Shell Client and the following icons will be on your desktop.

 

 

B. Prepare your Windows computer for Local Port Forwarding.

 

Most Windows OS comes with preinstalled File and Printer Sharing installed. You will need to uninstall this service. To uninstall File and Printer Sharing do the following:

1.-Go to Start click on Control Panel. A control panel window shown in Figure 1. will open.

2-Open the Network and Dialup Connection icon to see available Network Connections in your computer as shown in Figure 2.

 

3-Open Local Area Connection icon and Local Area Connection Status will open ( Figure 3.)

4-Click on the Properties button and the Local Area Connection Properties window will open. (Figure 4)

5- Click on the File and Printer Sharing for Microsoft Networks and click on the Uninstall button as shown in Figure 4.

6.- You will be asked to reboot your computer after this step. Reboot your computer.

 

C. Set up a Secure Tunnel to Your Fileserver,

 

To set up a secure tunnel to Rutgers, do the following:

 

 

1. Run Secure Shell Client by double clicking on its icon on the desktop. Once Secure Shell Client is running, select the Edit menu and choose the Settings item (See Figure 5). A window shown in Figure 6. will open.

 

2. Under the Settings Window as shown in Figure 6, click on Profile Settings/Tunneling tab. On the tunneling subwindow, click on the Outgoing tab. Click the Add button and a Edit Outgoing Tunnel window shown in Figure 6. will open.

 

3. In this window, add the following entry

Display Name: SMB or SAMBA or WINDOWS FILESERVER

Type: TCP

Listen Port: 139

Check: [x] Allow Local Connection only. This is a security feature. If you want to make sure that only this machine to use this tunnel, check this. Otherwise, any other machine in your home network will be able to access this service as well by connecting to this machine.

Destination Host: the name of your Window fileserver. In this example: JETLI.RUTGERS.EDU

Destination Port: 139

4. Click the OK button to close this Outgoing tunnel window.

5. Click the OK button to close the Settings window. (Figure 6).

6. Go to the File menu and click on Exit to quit WinSSH.

7. Reopen your WinSSH program

 

 

 

D. Establish the Tunnel using WinSSH

 

To establish the tunnel for the fileserver above, do the following:

 

  1. Click the QuickConnect button as shown in Figure 7 and a connect window shown in Figure 8 will open.
  2. Enter the hostname of a machine that you want to use as the tunnel and your username and password . In this example we are using eden.rutgers.edu and makmur as the username.
  3. Click the Connect button to establish the tunnel and ssh connection.
  4. Once you are connected, you will see a Unix command prompt.



E. Mount the Fileserver Securely.

 

Now that a secure tunnel have been established between your home computer and the Rutgers fileserver via eden.rutgers.edu (for this example), we can securely mount a Rutgers restricted fileserver onto the desktop of your home computer. Just like being in the office, to mount the fileserver (in this example: JETLI.RUTGERS.EDU) you must have an account on that fileserver that allows you to mount shares volumes. To mount the fileserver securely:

1.        Open My Computer. An explorer window will open.

2.        From the Tools menu select Map Network Drive as seen in Figure 9. A map network drive window will open. (Figure 10)



3.        Select a drive name for this mount point. In this example: Y:

4.        In the Folder: field, enter as follow: \\127.0.0.1\your_username. In this example the username is makmur.

5.        On Windows NT4, 2000 and XP you have the option to connect using a different username. If you are using Windows95/98 or ME, make sure that you are using the same Windows username as your fileserver expects or you will not be able to connect.

6.        Assuming you are using the right username, you will be asked to enter a password if your local password is different than your Rutgers fileserver password. Enter the correct password and click the OK button.

7.        After a successful login, look in your My Computer and you will see a Y: drive which is a share of the volume at Rutgers as shown in Figure 11.

 

 

Figure 11

 

 

F. Unmounting Volume and Closing the Tunnel

 

To unmount the network volume, in this example Y: drive, click on the icon of the network volume as shown in Figure 11, and click on the right mouse button. Select the Disconnect menu item to disconnect the share volume.

 

Please note that even if the network volume is not mounted, the secure tunnel still exists. To remove the tunnel, simply disconnect the Secure Shell session established in Section D above.

 

This completes the instruction on How to Mount Rutgers Microsoft or Samba Fileserver Securely from Home for WindowsOS If you have any questions, please contact the DCIS Help Desk at http://please.rutgers.edu/help

 

For further Reading: http://please.rutgers.edu/show/howto