Loading ...
Sorry, an error occurred while loading the content.

Mapping my Linkstation in Windows XP as a Network Drive

Expand Messages
  • john_p_daniels
    Hi. I am a newbie to this all. I am trying to mount my Buffalo Share folder to a windows xp explorer drive-letter. I use gotdns.com to forward my
    Message 1 of 14 , Oct 18, 2005
    • 0 Attachment
      Hi. I am a newbie to this all. I am trying to mount my Buffalo "Share"
      folder to a windows xp explorer drive-letter. I use gotdns.com to
      forward my cable-modem's ip address, then use my linksys router's port
      forwarding to send stuff to the local ip address of my buffalo
      linkstation I. I am able to scp & ssh from outside of my netowork into
      my buffalo (via port 22). So far have not gotten sftp to work. I am
      using the openlink & openssh from the linkstationwiki folks. Does
      anybody have any suggestions how I can do this? I have tried
      \\IP_ADDRESS\share, entered my login & password, but it comes back as
      failed.
    • lalunas10
      ... sftp is an ssh subsystem on port 115, you can enable it in your sshd_config (add a line Subsystem sftp /usr/libexec/sftp-server w/o the quotes, then
      Message 2 of 14 , Oct 19, 2005
      • 0 Attachment
        --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
        wrote:
        >
        > Hi. I am a newbie to this all. I am trying to mount my Buffalo "Share"
        > folder to a windows xp explorer drive-letter. I use gotdns.com to
        > forward my cable-modem's ip address, then use my linksys router's port
        > forwarding to send stuff to the local ip address of my buffalo
        > linkstation I. I am able to scp & ssh from outside of my netowork into
        > my buffalo (via port 22). So far have not gotten sftp to work. I am
        > using the openlink & openssh from the linkstationwiki folks. Does
        > anybody have any suggestions how I can do this? I have tried
        > \\IP_ADDRESS\share, entered my login & password, but it comes back as
        > failed.

        sftp is an ssh subsystem on port 115, you can enable it in your sshd_config (add a line
        "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes, then restart your ssh that's
        hopefully compiled with sftp support). It has absolutely nothing to do with Windows shares
        and "\\IP_ADDRESS\share" syntax, but you can use it with GUI like the excellent WinSCP/
        Putty combo. WinSCP looks much like WinFTP, if you have ever used it.

        You might connect to Windows shares via an SSH tunnel; the GUIs mentioned could do this
        for you.

        Windows shares themselves dwell on the NetBIOS ports, roughly speaking, 135, 137-179,
        445 (see <http://ntsecurity.nu/papers/port445/> for details). Drive letters can be
        assigned with "net use" on the Windows system (see <http://www.microsoft.com/
        resources/documentation/windows/xp/all/proddocs/en-us/net_use.mspx>).

        -Andre
      • john_p_daniels
        Hi, Andre, thanks for responding. I think the best thing to do is tackle this one issue at a time! Get my sftp working, then move on to the windows share
        Message 3 of 14 , Oct 20, 2005
        • 0 Attachment
          Hi, Andre, thanks for responding. I think the best thing to do is
          tackle this one issue at a time! Get my sftp working, then move on
          to the windows share folders, that I can then access four outside of
          my firewall/router.

          I have been frequenting the linkstation wiki, and have installed the
          openlink firmware. I also installed openssh, at least I think I have
          because I can use ssh & scp. However, I don't see a process called
          ssh server (or anything similar) running. I created an executable
          file called /etc/init.d/ssh that should kick things off. I even
          enter /etc/init.d/ssh start, and get an error about "Priviledge
          separation user sshd does not exist"! Also, where do I find this
          ssh_config file that you speak of?

          --- In LinkStation_General@yahoogroups.com, "lalunas10"
          <lalunas10@y...> wrote:
          >
          > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
          <john_p_daniels@y...>
          > wrote:
          > >
          > > Hi. I am a newbie to this all. I am trying to mount my
          Buffalo "Share"
          > > folder to a windows xp explorer drive-letter. I use gotdns.com
          to
          > > forward my cable-modem's ip address, then use my linksys
          router's port
          > > forwarding to send stuff to the local ip address of my buffalo
          > > linkstation I. I am able to scp & ssh from outside of my
          netowork into
          > > my buffalo (via port 22). So far have not gotten sftp to work. I
          am
          > > using the openlink & openssh from the linkstationwiki folks.
          Does
          > > anybody have any suggestions how I can do this? I have tried
          > > \\IP_ADDRESS\share, entered my login & password, but it comes
          back as
          > > failed.
          >
          > sftp is an ssh subsystem on port 115, you can enable it in your
          sshd_config (add a line
          > "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes, then
          restart your ssh that's
          > hopefully compiled with sftp support). It has absolutely nothing
          to do with Windows shares
          > and "\\IP_ADDRESS\share" syntax, but you can use it with GUI
          like the excellent WinSCP/
          > Putty combo. WinSCP looks much like WinFTP, if you have ever used
          it.
          >
          > You might connect to Windows shares via an SSH tunnel; the GUIs
          mentioned could do this
          > for you.
          >
          > Windows shares themselves dwell on the NetBIOS ports, roughly
          speaking, 135, 137-179,
          > 445 (see <http://ntsecurity.nu/papers/port445/> for details).
          Drive letters can be
          > assigned with "net use" on the Windows system (see
          <http://www.microsoft.com/
          > resources/documentation/windows/xp/all/proddocs/en-
          us/net_use.mspx>).
          >
          > -Andre
          >
        • john_p_daniels
          Oh, I should add one other thing. I have no directory called /usr/libexec/ which contains sftp-server. Instead, I have a /usr/local/libexec, which contains
          Message 4 of 14 , Oct 20, 2005
          • 0 Attachment
            Oh, I should add one other thing. I have no directory
            called /usr/libexec/ which contains sftp-server. Instead, I have
            a /usr/local/libexec, which contains sftp-server. Should I move it,
            or should I update a config file that has this path? Thanks!

            --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
            <john_p_daniels@y...> wrote:
            >
            > Hi, Andre, thanks for responding. I think the best thing to do is
            > tackle this one issue at a time! Get my sftp working, then move on
            > to the windows share folders, that I can then access four outside
            of
            > my firewall/router.
            >
            > I have been frequenting the linkstation wiki, and have installed
            the
            > openlink firmware. I also installed openssh, at least I think I
            have
            > because I can use ssh & scp. However, I don't see a process called
            > ssh server (or anything similar) running. I created an executable
            > file called /etc/init.d/ssh that should kick things off. I even
            > enter /etc/init.d/ssh start, and get an error about "Priviledge
            > separation user sshd does not exist"! Also, where do I find this
            > ssh_config file that you speak of?
            >
            > --- In LinkStation_General@yahoogroups.com, "lalunas10"
            > <lalunas10@y...> wrote:
            > >
            > > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
            > <john_p_daniels@y...>
            > > wrote:
            > > >
            > > > Hi. I am a newbie to this all. I am trying to mount my
            > Buffalo "Share"
            > > > folder to a windows xp explorer drive-letter. I use gotdns.com
            > to
            > > > forward my cable-modem's ip address, then use my linksys
            > router's port
            > > > forwarding to send stuff to the local ip address of my buffalo
            > > > linkstation I. I am able to scp & ssh from outside of my
            > netowork into
            > > > my buffalo (via port 22). So far have not gotten sftp to work.
            I
            > am
            > > > using the openlink & openssh from the linkstationwiki folks.
            > Does
            > > > anybody have any suggestions how I can do this? I have tried
            > > > \\IP_ADDRESS\share, entered my login & password, but it comes
            > back as
            > > > failed.
            > >
            > > sftp is an ssh subsystem on port 115, you can enable it in your
            > sshd_config (add a line
            > > "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes, then
            > restart your ssh that's
            > > hopefully compiled with sftp support). It has absolutely nothing
            > to do with Windows shares
            > > and "\\IP_ADDRESS\share" syntax, but you can use it with GUI
            > like the excellent WinSCP/
            > > Putty combo. WinSCP looks much like WinFTP, if you have ever
            used
            > it.
            > >
            > > You might connect to Windows shares via an SSH tunnel; the GUIs
            > mentioned could do this
            > > for you.
            > >
            > > Windows shares themselves dwell on the NetBIOS ports, roughly
            > speaking, 135, 137-179,
            > > 445 (see <http://ntsecurity.nu/papers/port445/> for details).
            > Drive letters can be
            > > assigned with "net use" on the Windows system (see
            > <http://www.microsoft.com/
            > > resources/documentation/windows/xp/all/proddocs/en-
            > us/net_use.mspx>).
            > >
            > > -Andre
            > >
            >
          • lalunas10
            ... Do NOT move it. Instead, edit /etc/ssh/sshd_config. -Andre
            Message 5 of 14 , Oct 21, 2005
            • 0 Attachment
              --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
              wrote:
              >
              > Oh, I should add one other thing. I have no directory
              > called /usr/libexec/ which contains sftp-server. Instead, I have
              > a /usr/local/libexec, which contains sftp-server. Should I move it,
              > or should I update a config file that has this path? Thanks!

              Do NOT move it. Instead, edit /etc/ssh/sshd_config.

              -Andre
            • lalunas10
              ... Very good idea, wish I could stick to that maxime myself ;) ... You might be running dropbear, whose openlink version compiled w/o sftp support. ... #!
              Message 6 of 14 , Oct 21, 2005
              • 0 Attachment
                --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
                wrote:
                >
                > Hi, Andre, thanks for responding. I think the best thing to do is
                > tackle this one issue at a time! Get my sftp working, then move on
                > to the windows share folders, that I can then access four outside of
                > my firewall/router.

                Very good idea, wish I could stick to that maxime myself ;)

                > I have been frequenting the linkstation wiki, and have installed the
                > openlink firmware. I also installed openssh, at least I think I have
                > because I can use ssh & scp.
                >
                > However, I don't see a process called
                > ssh server (or anything similar) running.

                You might be running dropbear, whose openlink version compiled w/o sftp support.

                > I created an executable
                > file called /etc/init.d/ssh that should kick things off.

                Try this one:

                -----------------------------

                #! /bin/sh
                #
                # chkconfig: 2345 20 20
                #
                PATH=/bin:/usr/local/bin:/sbin:/usr/local/sbin

                # /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon

                # Autokeygen control is located in /etc/default/ssh
                . /etc/default/ssh

                # Uncomment the following line to allow the script to autogenerate
                # the required keys if they are not on the system.
                AUTOKEYGEN=yes

                test -x /usr/local/sbin/sshd || exit 0
                ( /usr/local/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0

                # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
                if [ -e /etc/ssh/sshd_not_to_be_run ]; then
                echo "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)"
                exit 0
                fi

                setupKeys()
                {
                if [ ! -s /etc/ssh/ssh_host_key ]; then
                /usr/local/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ""
                fi
                if [ ! -s /etc/ssh/ssh_host_rsa_key ]; then
                /usr/local/bin/ssh-keygen -d -f /etc/ssh/ssh_host_rsa_key -N "" -t rsa
                fi
                if [ ! -s /etc/ssh/ssh_host_dsa_key ]; then
                /usr/local/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N "" -t dsa
                fi
                }

                checkKeys()
                {
                if [ ! -s /etc/ssh/ssh_host_key ]; then
                echo "failed - no ssh_host_key!"
                exit 1
                fi
                if [ ! -s /etc/ssh/ssh_host_rsa_key ]; then
                echo "failed - no ssh_host_rsa_key!"
                exit 1
                fi
                if [ ! -s /etc/ssh/ssh_host_dsa_key ]; then
                echo "failed - no ssh_host_dsa_key!"
                exit 1
                fi
                }

                # Configurable options:

                case "$1" in
                start)
                test -f /etc/ssh/sshd_not_to_be_run && exit 0
                [ "$AUTOKEYGEN" = yes ] && setupKeys
                echo -n "Starting OpenBSD Secure Shell server: "
                checkKeys
                echo -n "sshd"
                start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/local/
                sbin/sshd
                echo "."
                ;;
                stop)
                echo -n "Stopping OpenBSD Secure Shell server: sshd"
                start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid
                echo "."
                ;;

                reload|force-reload)
                test -f /etc/ssh/sshd_not_to_be_run && exit 0
                echo -n "Reloading OpenBSD Secure Shell server's configuration"
                start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid
                --exec /usr/local/sbin/sshd
                echo "."
                ;;

                restart)
                test -f /etc/ssh/sshd_not_to_be_run && exit 0
                echo -n "Restarting OpenBSD Secure Shell server: sshd"
                start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid
                sleep 10
                start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/local/
                sbin/sshd
                echo "."
                ;;

                *)
                echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}"
                exit 1
                esac

                exit 0

                -----------------------------

                > I even
                > enter /etc/init.d/ssh start, and get an error about "Priviledge
                > separation user sshd does not exist"! Also, where do I find this
                > ssh_config file that you speak of?

                No, NOT ssh_config BUT sshd_config. Try one thing. Edit your /etc/ssh/sshd_config or /
                usr/local/ssh/sshd_config (whichever you have), and change port 22 to port 22222. Then
                try "/etc/init.d/ssh start" and "ps auxw" | grep ssh". If ssh is not running (not showing up),
                you'll probably have to adjust the path in /etc/init.d/ssh to the output of "which sshd",
                and "/etc/init.d/ssh restart".

                If it works, you could connect to your _openssh_ server using "ssh -p 22222 foo@bar"
                resp. "scp -r -P 22222 mystuff foo@bar:/mypath" (note the lower- and uppercase "P"), and
                to sftp.

                In fact, I'm running a similar setup myself, with dropbear -w (no root access) on port 22,
                accessible via NAT, and openssh with root access on an unprivileged port, which cannot be
                reached from outside the LAN.

                PS: Top-posting makes things hard to read because you don't see the discussion thread,
                please avoid it.

                -Andre

                > --- In LinkStation_General@yahoogroups.com, "lalunas10"
                > <lalunas10@y...> wrote:
                > >
                > > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
                > <john_p_daniels@y...>
                > > wrote:
                > > >
                > > > Hi. I am a newbie to this all. I am trying to mount my
                > Buffalo "Share"
                > > > folder to a windows xp explorer drive-letter. I use gotdns.com
                > to
                > > > forward my cable-modem's ip address, then use my linksys
                > router's port
                > > > forwarding to send stuff to the local ip address of my buffalo
                > > > linkstation I. I am able to scp & ssh from outside of my
                > netowork into
                > > > my buffalo (via port 22). So far have not gotten sftp to work. I
                > am
                > > > using the openlink & openssh from the linkstationwiki folks.
                > Does
                > > > anybody have any suggestions how I can do this? I have tried
                > > > \\IP_ADDRESS\share, entered my login & password, but it comes
                > back as
                > > > failed.
                > >
                > > sftp is an ssh subsystem on port 115, you can enable it in your
                > sshd_config (add a line
                > > "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes, then
                > restart your ssh that's
                > > hopefully compiled with sftp support). It has absolutely nothing
                > to do with Windows shares
                > > and "\\IP_ADDRESS\share" syntax, but you can use it with GUI
                > like the excellent WinSCP/
                > > Putty combo. WinSCP looks much like WinFTP, if you have ever used
                > it.
                > >
                > > You might connect to Windows shares via an SSH tunnel; the GUIs
                > mentioned could do this
                > > for you.
                > >
                > > Windows shares themselves dwell on the NetBIOS ports, roughly
                > speaking, 135, 137-179,
                > > 445 (see <http://ntsecurity.nu/papers/port445/> for details).
                > Drive letters can be
                > > assigned with "net use" on the Windows system (see
                > <http://www.microsoft.com/
                > > resources/documentation/windows/xp/all/proddocs/en-
                > us/net_use.mspx>).
                > >
                > > -Andre
                > >
                >
              • john_p_daniels
                ... ... is ... on ... outside of ... the ... have ... sftp support. ... daemon ... exit 0 ... and /etc/ssh/sshd_not_to_be_run exists ...
                Message 7 of 14 , Oct 21, 2005
                • 0 Attachment
                  --- In LinkStation_General@yahoogroups.com, "lalunas10"
                  <lalunas10@y...> wrote:
                  >
                  > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
                  <john_p_daniels@y...>
                  > wrote:
                  > >
                  > > Hi, Andre, thanks for responding. I think the best thing to do
                  is
                  > > tackle this one issue at a time! Get my sftp working, then move
                  on
                  > > to the windows share folders, that I can then access four
                  outside of
                  > > my firewall/router.
                  >
                  > Very good idea, wish I could stick to that maxime myself ;)
                  >
                  > > I have been frequenting the linkstation wiki, and have installed
                  the
                  > > openlink firmware. I also installed openssh, at least I think I
                  have
                  > > because I can use ssh & scp.
                  > >
                  > > However, I don't see a process called
                  > > ssh server (or anything similar) running.
                  >
                  > You might be running dropbear, whose openlink version compiled w/o
                  sftp support.
                  >
                  > > I created an executable
                  > > file called /etc/init.d/ssh that should kick things off.
                  >
                  > Try this one:
                  >
                  > -----------------------------
                  >
                  > #! /bin/sh
                  > #
                  > # chkconfig: 2345 20 20
                  > #
                  > PATH=/bin:/usr/local/bin:/sbin:/usr/local/sbin
                  >
                  > # /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)"
                  daemon
                  >
                  > # Autokeygen control is located in /etc/default/ssh
                  > . /etc/default/ssh
                  >
                  > # Uncomment the following line to allow the script to autogenerate
                  > # the required keys if they are not on the system.
                  > AUTOKEYGEN=yes
                  >
                  > test -x /usr/local/sbin/sshd || exit 0
                  > ( /usr/local/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null ||
                  exit 0
                  >
                  > # forget it if we're trying to start,
                  and /etc/ssh/sshd_not_to_be_run exists
                  > if [ -e /etc/ssh/sshd_not_to_be_run ]; then
                  > echo "OpenBSD Secure Shell server not in use
                  (/etc/ssh/sshd_not_to_be_run)"
                  > exit 0
                  > fi
                  >
                  > setupKeys()
                  > {
                  > if [ ! -s /etc/ssh/ssh_host_key ]; then
                  > /usr/local/bin/ssh-keygen -b 1024 -
                  f /etc/ssh/ssh_host_key -N ""
                  > fi
                  > if [ ! -s /etc/ssh/ssh_host_rsa_key ]; then
                  > /usr/local/bin/ssh-keygen -d -
                  f /etc/ssh/ssh_host_rsa_key -N "" -t rsa
                  > fi
                  > if [ ! -s /etc/ssh/ssh_host_dsa_key ]; then
                  > /usr/local/bin/ssh-keygen -d -
                  f /etc/ssh/ssh_host_dsa_key -N "" -t dsa
                  > fi
                  > }
                  >
                  > checkKeys()
                  > {
                  > if [ ! -s /etc/ssh/ssh_host_key ]; then
                  > echo "failed - no ssh_host_key!"
                  > exit 1
                  > fi
                  > if [ ! -s /etc/ssh/ssh_host_rsa_key ]; then
                  > echo "failed - no ssh_host_rsa_key!"
                  > exit 1
                  > fi
                  > if [ ! -s /etc/ssh/ssh_host_dsa_key ]; then
                  > echo "failed - no ssh_host_dsa_key!"
                  > exit 1
                  > fi
                  > }
                  >
                  > # Configurable options:
                  >
                  > case "$1" in
                  > start)
                  > test -f /etc/ssh/sshd_not_to_be_run && exit 0
                  > [ "$AUTOKEYGEN" = yes ] && setupKeys
                  > echo -n "Starting OpenBSD Secure Shell server: "
                  > checkKeys
                  > echo -n "sshd"
                  > start-stop-daemon --start --quiet --
                  pidfile /var/run/sshd.pid --exec /usr/local/
                  > sbin/sshd
                  > echo "."
                  > ;;
                  > stop)
                  > echo -n "Stopping OpenBSD Secure Shell server: sshd"
                  > start-stop-daemon --stop --quiet --oknodo --
                  pidfile /var/run/sshd.pid
                  > echo "."
                  > ;;
                  >
                  > reload|force-reload)
                  > test -f /etc/ssh/sshd_not_to_be_run && exit 0
                  > echo -n "Reloading OpenBSD Secure Shell server's
                  configuration"
                  > start-stop-daemon --stop --signal 1 --quiet --oknodo --
                  pidfile /var/run/sshd.pid
                  > --exec /usr/local/sbin/sshd
                  > echo "."
                  > ;;
                  >
                  > restart)
                  > test -f /etc/ssh/sshd_not_to_be_run && exit 0
                  > echo -n "Restarting OpenBSD Secure Shell server: sshd"
                  > start-stop-daemon --stop --quiet --oknodo --
                  pidfile /var/run/sshd.pid
                  > sleep 10
                  > start-stop-daemon --start --quiet --
                  pidfile /var/run/sshd.pid --exec /usr/local/
                  > sbin/sshd
                  > echo "."
                  > ;;
                  >
                  > *)
                  > echo "Usage: /etc/init.d/ssh {start|stop|reload|force-
                  reload|restart}"
                  > exit 1
                  > esac
                  >
                  > exit 0
                  >
                  > -----------------------------
                  >
                  > > I even
                  > > enter /etc/init.d/ssh start, and get an error about "Priviledge
                  > > separation user sshd does not exist"! Also, where do I find this
                  > > ssh_config file that you speak of?
                  >
                  > No, NOT ssh_config BUT sshd_config. Try one thing. Edit
                  your /etc/ssh/sshd_config or /
                  > usr/local/ssh/sshd_config (whichever you have), and change port 22
                  to port 22222. Then
                  > try "/etc/init.d/ssh start" and "ps auxw" | grep ssh". If ssh is
                  not running (not showing up),
                  > you'll probably have to adjust the path in /etc/init.d/ssh to the
                  output of "which sshd",
                  > and "/etc/init.d/ssh restart".
                  >
                  > If it works, you could connect to your _openssh_ server
                  using "ssh -p 22222 foo@bar"
                  > resp. "scp -r -P 22222 mystuff foo@bar:/mypath" (note the lower-
                  and uppercase "P"), and
                  > to sftp.
                  >
                  > In fact, I'm running a similar setup myself, with dropbear -w (no
                  root access) on port 22,
                  > accessible via NAT, and openssh with root access on an
                  unprivileged port, which cannot be
                  > reached from outside the LAN.
                  >
                  > PS: Top-posting makes things hard to read because you don't see
                  the discussion thread,
                  > please avoid it.
                  >
                  > -Andre
                  >
                  > > --- In LinkStation_General@yahoogroups.com, "lalunas10"
                  > > <lalunas10@y...> wrote:
                  > > >
                  > > > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
                  > > <john_p_daniels@y...>
                  > > > wrote:
                  > > > >
                  > > > > Hi. I am a newbie to this all. I am trying to mount my
                  > > Buffalo "Share"
                  > > > > folder to a windows xp explorer drive-letter. I use
                  gotdns.com
                  > > to
                  > > > > forward my cable-modem's ip address, then use my linksys
                  > > router's port
                  > > > > forwarding to send stuff to the local ip address of my
                  buffalo
                  > > > > linkstation I. I am able to scp & ssh from outside of my
                  > > netowork into
                  > > > > my buffalo (via port 22). So far have not gotten sftp to
                  work. I
                  > > am
                  > > > > using the openlink & openssh from the linkstationwiki folks.
                  > > Does
                  > > > > anybody have any suggestions how I can do this? I have
                  tried
                  > > > > \\IP_ADDRESS\share, entered my login & password, but it
                  comes
                  > > back as
                  > > > > failed.
                  > > >
                  > > > sftp is an ssh subsystem on port 115, you can enable it in
                  your
                  > > sshd_config (add a line
                  > > > "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes,
                  then
                  > > restart your ssh that's
                  > > > hopefully compiled with sftp support). It has absolutely
                  nothing
                  > > to do with Windows shares
                  > > > and "\\IP_ADDRESS\share" syntax, but you can use it with GUI
                  > > like the excellent WinSCP/
                  > > > Putty combo. WinSCP looks much like WinFTP, if you have ever
                  used
                  > > it.
                  > > >
                  > > > You might connect to Windows shares via an SSH tunnel; the
                  GUIs
                  > > mentioned could do this
                  > > > for you.
                  > > >
                  > > > Windows shares themselves dwell on the NetBIOS ports, roughly
                  > > speaking, 135, 137-179,
                  > > > 445 (see <http://ntsecurity.nu/papers/port445/> for details).
                  > > Drive letters can be
                  > > > assigned with "net use" on the Windows system (see
                  > > <http://www.microsoft.com/
                  > > > resources/documentation/windows/xp/all/proddocs/en-
                  > > us/net_use.mspx>).
                  > > >
                  > > > -Andre
                  > > >
                  > >
                  >
                  Okay, no more top-posting!! Sorry! However, this might make this
                  more unreadable, as it will be part top & part bottom-posted!

                  Okay, some success! I took your script, but had to make some tweaks.
                  First off, my install was in /usr/local/etc, while yours
                  was /etc/ssh. I tried creating a /usr/local/etc/ssh to mimic the
                  hierarchy (prepending a /usr/local to your /etc/ssh), but when I
                  ran /usr/local/bin/ssh-keygen, it was expecting the sshd_config file
                  to be in the /usr/local/etc directory. My version of ssh-keygen also
                  had different arguments, but I sorted that out. I also don't have
                  a /etc/default/ssh file, so simply did a 'touch' and chmod +x to
                  that new empty file. What is this for? I did not find it anywhere in
                  the openssh tarfile.

                  Oh, and my sshd_config file already had the same sftp command in it.

                  Okay, now when I tried /etc/init.d/ssh I got the exact error as
                  before: Privilege separation user sshd does not exist

                  I did a google search, and came up w/ the following suggestion:

                  add following line in /etc/passwd

                  sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin

                  I created a directory called /var/empty/ssh and added this line as
                  is to my /etc/passwd. Of course, my install does not
                  have /sbin/nologin! Argh! Anyways, I ran /etc/init.d/ssh. It seemed
                  to work, as the error went away. However, upon checking processes, I
                  see nothing...:-( I verified that 'which sshd' had the same pathname
                  as I was using in the ssh script. Besides, ssh is being executed, as
                  the above error went away. I do see three dropbear processes. Do I
                  need to disable dropbear first?
                • lalunas10
                  ... wrote: [...] ... Not if you avoid top-posting from the start, and snip the part you don t need any more :) ... We seem to be running different versions off
                  Message 8 of 14 , Oct 22, 2005
                  • 0 Attachment
                    --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
                    wrote:

                    [...]

                    > Okay, no more top-posting!! Sorry! However, this might make this
                    > more unreadable, as it will be part top & part bottom-posted!

                    Not if you avoid top-posting from the start, and snip the part you don't need any more :)

                    > Okay, some success! I took your script, but had to make some tweaks.
                    > First off, my install was in /usr/local/etc, while yours
                    > was /etc/ssh. I tried creating a /usr/local/etc/ssh to mimic the
                    > hierarchy (prepending a /usr/local to your /etc/ssh), but when I
                    > ran /usr/local/bin/ssh-keygen, it was expecting the sshd_config file
                    > to be in the /usr/local/etc directory. My version of ssh-keygen also
                    > had different arguments, but I sorted that out. I also don't have
                    > a /etc/default/ssh file, so simply did a 'touch' and chmod +x to
                    > that new empty file. What is this for? I did not find it anywhere in
                    > the openssh tarfile.

                    We seem to be running different versions off ssh, possibly compiled with different
                    arguments. FYI, my /etc/default/ssh reads

                    # Set AUTOKEYGEN=yes to make the ssh init script autogenerate
                    # the required keys if they are not on the system.
                    AUTOKEYGEN=yes

                    The startup script sources it, if it doesn't exist, not problem, as you you have already
                    generated ssh keys, no problem at all.

                    > Oh, and my sshd_config file already had the same sftp command in it.
                    >
                    > Okay, now when I tried /etc/init.d/ssh I got the exact error as
                    > before: Privilege separation user sshd does not exist
                    >
                    > I did a google search, and came up w/ the following suggestion:
                    >
                    > add following line in /etc/passwd
                    >
                    > sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
                    >
                    > I created a directory called /var/empty/ssh and added this line as
                    > is to my /etc/passwd. Of course, my install does not

                    My /etc/passwd contains a line:

                    sshd:!:1000:100::/home/sshd:

                    which is essentially the same. Does your /var/empty/sshd still exist?! It wouldn't survive
                    reboots!

                    I used

                    mkdir /home/sshd
                    chown sshd /home/sshd
                    chmod 0700 /home/sshd

                    If this doesn't work, how about disabling privilege separation for now?

                    UsePrivilegeSeparation no

                    in /$PREFIX/etc/ssh/sshd_config

                    > have /sbin/nologin! Argh! Anyways, I ran /etc/init.d/ssh. It seemed
                    > to work, as the error went away. However, upon checking processes, I
                    > see nothing...:-( I verified that 'which sshd' had the same pathname
                    > as I was using in the ssh script. Besides, ssh is being executed, as
                    > the above error went away. I do see three dropbear processes. Do I
                    > need to disable dropbear first?

                    DON'T DISABLE DROPBEAR FOR NOW, you might lock yourself out. Run openssh on a
                    different port instead (i.e., not port 22).

                    -Andre
                  • john_p_daniels
                    ... now? ... seemed ... processes, I ... pathname ... executed, as ... I ... openssh on a ... Thanks again for responding! I went ahead and tried updating my
                    Message 9 of 14 , Oct 24, 2005
                    • 0 Attachment
                      --- In LinkStation_General@yahoogroups.com, "lalunas10" >
                      > If this doesn't work, how about disabling privilege separation for
                      now?
                      >
                      > UsePrivilegeSeparation no
                      >
                      > in /$PREFIX/etc/ssh/sshd_config
                      >
                      > > have /sbin/nologin! Argh! Anyways, I ran /etc/init.d/ssh. It
                      seemed
                      > > to work, as the error went away. However, upon checking
                      processes, I
                      > > see nothing...:-( I verified that 'which sshd' had the same
                      pathname
                      > > as I was using in the ssh script. Besides, ssh is being
                      executed, as
                      > > the above error went away. I do see three dropbear processes. Do
                      I
                      > > need to disable dropbear first?
                      >
                      > DON'T DISABLE DROPBEAR FOR NOW, you might lock yourself out. Run
                      openssh on a
                      > different port instead (i.e., not port 22).
                      >
                      Thanks again for responding! I went ahead and tried updating
                      my /etc/passwd and associated /home/sshd stuff like you suggested,
                      but with still no success. :-( Things "work" the exact same way. I
                      enter '/etc/init.d/ssh start', and I get no error messages (ie. the
                      privelidge separation error went away). However, no sshd processes
                      are created. Is there somewhere else I need to look for a log file?
                      I see from the /etc/init.d/sshd file that a pidfile
                      called /var/run/sshd.pid should be created. Well it isn't. Also,
                      what should I do to create this alternate port. I have port 22 being
                      used, but perhaps this is dropbear using this? I am getting into my
                      linkstation via putty, via port 22 (I am guessing, since I can't get
                      in from outside when i turn port forwarding off on my router).
                    • lalunas10
                      ... [...] ... So it doesn t run. ... Edit /usr/local/etc/ssh/sshd_config, change #Port 22 (or so) to Port 22222 ; then restart ssh and see what happens. ...
                      Message 10 of 14 , Oct 25, 2005
                      • 0 Attachment
                        --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
                        wrote:
                        >
                        > --- In LinkStation_General@yahoogroups.com, "lalunas10" >
                        > > If this doesn't work, how about disabling privilege separation for
                        > now?
                        > >
                        > > UsePrivilegeSeparation no
                        [...]
                        > > DON'T DISABLE DROPBEAR FOR NOW, you might lock yourself out. Run
                        > openssh on a
                        > > different port instead (i.e., not port 22).
                        > >
                        > Thanks again for responding! I went ahead and tried updating
                        > my /etc/passwd and associated /home/sshd stuff like you suggested,
                        > but with still no success. :-( Things "work" the exact same way. I
                        > enter '/etc/init.d/ssh start', and I get no error messages (ie. the
                        > privelidge separation error went away). However, no sshd processes
                        > are created. Is there somewhere else I need to look for a log file?
                        > I see from the /etc/init.d/sshd file that a pidfile
                        > called /var/run/sshd.pid should be created. Well it isn't. Also,

                        So it doesn't run.

                        > what should I do to create this alternate port.

                        Edit /usr/local/etc/ssh/sshd_config, change "#Port 22" (or so) to "Port 22222"; then
                        restart ssh and see what happens.

                        > I have port 22 being
                        > used, but perhaps this is dropbear using this?

                        That's what I've been trying to tell you :)

                        > I am getting into my
                        > linkstation via putty, via port 22 (I am guessing, since I can't get
                        > in from outside when i turn port forwarding off on my router).

                        Run openssh on the command line (manually) to see what's going on:

                        sshd -f /usr/local/etc/ssh/sshd_config

                        or even

                        sshd -d -f /usr/local/etc/ssh/sshd_config

                        -Andre
                      • john_p_daniels
                        ... ... for ... Run ... suggested, ... I ... the ... processes ... file? ... to Port 22222 ; then ... get ... Okay, some success! The
                        Message 11 of 14 , Oct 25, 2005
                        • 0 Attachment
                          --- In LinkStation_General@yahoogroups.com, "lalunas10"
                          <lalunas10@y...> wrote:
                          >
                          > --- In LinkStation_General@yahoogroups.com, "john_p_daniels"
                          <john_p_daniels@y...>
                          > wrote:
                          > >
                          > > --- In LinkStation_General@yahoogroups.com, "lalunas10" >
                          > > > If this doesn't work, how about disabling privilege separation
                          for
                          > > now?
                          > > >
                          > > > UsePrivilegeSeparation no
                          > [...]
                          > > > DON'T DISABLE DROPBEAR FOR NOW, you might lock yourself out.
                          Run
                          > > openssh on a
                          > > > different port instead (i.e., not port 22).
                          > > >
                          > > Thanks again for responding! I went ahead and tried updating
                          > > my /etc/passwd and associated /home/sshd stuff like you
                          suggested,
                          > > but with still no success. :-( Things "work" the exact same way.
                          I
                          > > enter '/etc/init.d/ssh start', and I get no error messages (ie.
                          the
                          > > privelidge separation error went away). However, no sshd
                          processes
                          > > are created. Is there somewhere else I need to look for a log
                          file?
                          > > I see from the /etc/init.d/sshd file that a pidfile
                          > > called /var/run/sshd.pid should be created. Well it isn't. Also,
                          >
                          > So it doesn't run.
                          >
                          > > what should I do to create this alternate port.
                          >
                          > Edit /usr/local/etc/ssh/sshd_config, change "#Port 22" (or so)
                          to "Port 22222"; then
                          > restart ssh and see what happens.
                          >
                          > > I have port 22 being
                          > > used, but perhaps this is dropbear using this?
                          >
                          > That's what I've been trying to tell you :)
                          >
                          > > I am getting into my
                          > > linkstation via putty, via port 22 (I am guessing, since I can't
                          get
                          > > in from outside when i turn port forwarding off on my router).
                          >
                          > Run openssh on the command line (manually) to see what's going on:
                          >
                          > sshd -f /usr/local/etc/ssh/sshd_config
                          >
                          > or even
                          >
                          > sshd -d -f /usr/local/etc/ssh/sshd_config
                          >
                          > -Andre
                          >
                          Okay, some success! The last command above was very helpful. The -d
                          option was a debug mode (but you knew that! ;-)), so it showed what
                          was going on. It errored saying that directory /var/empty did not
                          exist. So, I created this manually, then tried the command again.
                          This time it worked! I did change that port to 22222, then did port
                          forwarding on my router as well. I then updated the /etc/init.d/ssh
                          startup script by forcing the creation of the /var/empty directory.
                          I killed the sshd process, then did a reboot. The sshd process was
                          started this time (!!), but I did not see the /var/run/sshd.pid file
                          that should have been created. Any ideas? Is this important? I was
                          able to verify that sftp now worked! Okay, now my question is when I
                          am outside of my home network, and want to get in, what is the
                          significance of this new Port 22222? I set up a forward on my router
                          from this port to the ip address of my buffalo. However, when I turn
                          off port 22 (what dropbear was using, I imagine), I cannot get in
                          via sftp anymore. It errors out, as it expects Port 22. Is there
                          something I need to do to tell sftp to use this port? Or do I now
                          disable dropbear and use port 22 for that? Thanks again, for all
                          your help for this newbie! :-)
                        • lalunas10
                          ... Well, I told you ;) ... Way to go, John! ... It s not important, IMHO. ... It s an unprivileged (user assigned) port, so you can run two different services
                          Message 12 of 14 , Oct 26, 2005
                          • 0 Attachment
                            --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
                            wrote:

                            > > sshd -d -f /usr/local/etc/ssh/sshd_config

                            > Okay, some success! The last command above was very helpful. The -d
                            > option was a debug mode (but you knew that! ;-)), so it showed what
                            > was going on. It errored saying that directory /var/empty did not
                            > exist.

                            Well, I told you ;)

                            > So, I created this manually, then tried the command again.
                            > This time it worked! I did change that port to 22222, then did port
                            > forwarding on my router as well. I then updated the /etc/init.d/ssh
                            > startup script by forcing the creation of the /var/empty directory.

                            Way to go, John!

                            > I killed the sshd process, then did a reboot. The sshd process was
                            > started this time (!!), but I did not see the /var/run/sshd.pid file
                            > that should have been created. Any ideas? Is this important?

                            It's not important, IMHO.

                            > I was
                            > able to verify that sftp now worked! Okay, now my question is when I
                            > am outside of my home network, and want to get in, what is the
                            > significance of this new Port 22222?

                            It's an unprivileged (user assigned) port, so you can run two different services of the same
                            kind at at time. SSH's standard port is 22. Such things are specified in /etc/services.

                            > I set up a forward on my router
                            > from this port to the ip address of my buffalo. However, when I turn
                            > off port 22 (what dropbear was using, I imagine), I cannot get in
                            > via sftp anymore. It errors out, as it expects Port 22.

                            Nope. I bet dropbear isn't compiled with SSH support, you're experiencing some kind of
                            fallback mechanism to SCP (in WinSCP, you need to change the defaults to use SFTP at all).
                            You need to open/forward port 115 on your router as well, else your're problably using
                            dropbear scp on port 22 -- if it's running.

                            > Is there
                            > something I need to do to tell sftp to use this port? Or do I now
                            > disable dropbear and use port 22 for that? Thanks again, for all
                            > your help for this newbie! :-)

                            I guess it's clearer now. You could choose to use port 22 in sshd_config and 22222
                            (actually, anything above 1024) for dropbear, or disable dropbear altogether. WARNING,
                            make sure you don't lock yourself out. Believe me, I know what I'm talking about ;(

                            Take care, glad you made it,

                            -Andre
                          • john_p_daniels
                            ... Buffalo Share ... to ... router s port ... netowork into ... am ... Does ... back as ... sshd_config (add a line ... restart your ssh that s ... to do
                            Message 13 of 14 , Oct 30, 2005
                            • 0 Attachment
                              > >
                              > > Hi. I am a newbie to this all. I am trying to mount my
                              Buffalo "Share"
                              > > folder to a windows xp explorer drive-letter. I use gotdns.com
                              to
                              > > forward my cable-modem's ip address, then use my linksys
                              router's port
                              > > forwarding to send stuff to the local ip address of my buffalo
                              > > linkstation I. I am able to scp & ssh from outside of my
                              netowork into
                              > > my buffalo (via port 22). So far have not gotten sftp to work. I
                              am
                              > > using the openlink & openssh from the linkstationwiki folks.
                              Does
                              > > anybody have any suggestions how I can do this? I have tried
                              > > \\IP_ADDRESS\share, entered my login & password, but it comes
                              back as
                              > > failed.
                              >
                              > sftp is an ssh subsystem on port 115, you can enable it in your
                              sshd_config (add a line
                              > "Subsystem sftp /usr/libexec/sftp-server" w/o the quotes, then
                              restart your ssh that's
                              > hopefully compiled with sftp support). It has absolutely nothing
                              to do with Windows shares
                              > and "\\IP_ADDRESS\share" syntax, but you can use it with GUI
                              like the excellent WinSCP/
                              > Putty combo. WinSCP looks much like WinFTP, if you have ever used
                              it.
                              >
                              > You might connect to Windows shares via an SSH tunnel; the GUIs
                              mentioned could do this
                              > for you.
                              >
                              > Windows shares themselves dwell on the NetBIOS ports, roughly
                              speaking, 135, 137-179,
                              > 445 (see <http://ntsecurity.nu/papers/port445/> for details).
                              Drive letters can be
                              > assigned with "net use" on the Windows system (see
                              <http://www.microsoft.com/
                              > resources/documentation/windows/xp/all/proddocs/en-
                              us/net_use.mspx>).
                              >
                              > -Andre
                              >
                              Hi Adre! Thanks again for all the help getting sftp/scp/ssh working
                              via openssh on port 22 of my linstation 250! I still have dropbear
                              working on that port 22222, and ssh/sftp on port 22. Now I am going
                              back to my original question! I was looking at this winscp program,
                              and it seems pretty cool. However, while at work (or on the road),
                              what I would like to do is have access (read/write/modify) to a
                              files on my linkstation at home. For instance, could I play MP3s
                              streamed from my linkstation while on the road? Or can I open my
                              quicken financial database on the road? I don't want to copy the file
                              (s) over, modify them, then copy them back (for my quicken example),
                              I'd like to work w/ them interactively. I thought of using windows
                              share folders for this, but I am having problems like mentioned
                              above. I also poked around w/ the winscp, and don't see such a
                              capability. Would you (or anyone else) have any suggestions? I first
                              want to look at doing it non-securly (ie. no VPN), then if I get
                              that working, look at a more secure option. I use gotdns.org to map
                              my ip address to my local router, then use port forwarding on my
                              router to get to the buffalo. This is how I have been doing
                              ssh/sftp. But when I try to map a network drive, I enter:
                              \\URL.com\share ('share' is the name that I use on my buffalo, the
                              default share directory) and my login name/password, but it times
                              out. Any suggestions??!! Thanks!!
                            • lalunas10
                              ... wrote: [...] ... Ouch, typo: not 137-179,445 but 137-139,445 ... [...] ... You need stremaing software for that, like mt-daapd. Or mount your shares
                              Message 14 of 14 , Oct 30, 2005
                              • 0 Attachment
                                --- In LinkStation_General@yahoogroups.com, "john_p_daniels" <john_p_daniels@y...>
                                wrote:

                                [...]
                                > > Windows shares themselves dwell on the NetBIOS ports, roughly
                                > speaking, 135, 137-179, 445 (see <http://ntsecurity.nu/papers/port445/> for details).

                                Ouch, typo: not 137-179,445 but 137-139,445

                                > Drive letters can be
                                > > assigned with "net use" on the Windows system (see
                                > <http://www.microsoft.com/
                                > > resources/documentation/windows/xp/all/proddocs/en-
                                > us/net_use.mspx>).
                                [...]

                                > while at work (or on the road),
                                > what I would like to do is have access (read/write/modify) to a
                                > files on my linkstation at home. For instance, could I play MP3s
                                > streamed from my linkstation while on the road?

                                You need stremaing software for that, like mt-daapd. Or mount your shares remotely,
                                then tell your player to use them as its data source.

                                > Or can I open my
                                > quicken financial database on the road? I don't want to copy the file
                                > (s) over, modify them, then copy them back (for my quicken example),
                                > I'd like to work w/ them interactively. I thought of using windows
                                > share folders for this, but I am having problems like mentioned
                                > above.

                                Make sure your shares are password protected. Open the NETBIOS ports mentioned above
                                on your router, forward them ("NAT").

                                > I also poked around w/ the winscp, and don't see such a
                                > capability.

                                Correct.

                                > Would you (or anyone else) have any suggestions? I first
                                > want to look at doing it non-securly (ie. no VPN), then if I get
                                > that working, look at a more secure option.

                                You could use an SSH tunnel once you got it going. Here's an example from my notes on
                                how to create an SSH tunnel for a different service, VNC (port 5901). Add a grain of salt,
                                and don't forget NAT of the ports you're using:

                                <quote>If you want more security, because you will be working over the public
                                internet, you can avoid opening up port 5901 in your firewall and/or
                                router, and instead use ssh (port 22). Then from your Solaris system,
                                use ssh and specify a tunnel for port 5901 that will then allow your
                                Solaris VNC client to use the secure ssh tunnel.

                                ssh -f -C -N -L 5901:127.0.0.1:5901 username@...
                                for the forwarding host you need to use the internal

                                If you use the external IP then SSH tries to talk to your firewall.

                                ssh 151.199.60.120 -l username -C -L 5902:192.168.1.100:5901
                                </quote>

                                > I use gotdns.org to map
                                > my ip address to my local router, then use port forwarding on my
                                > router to get to the buffalo.

                                What ports? See the NETBIOS notes above

                                > This is how I have been doing
                                > ssh/sftp. But when I try to map a network drive, I enter:
                                > \\URL.com\share ('share' is the name that I use on my buffalo, the
                                > default share directory) and my login name/password, but it times
                                > out. Any suggestions??!! Thanks!!

                                You might need to add the workgroup to your \\ thing; but I'm only an occasional
                                windows user :) The URLs mentioned earlier should prove helpful.

                                -Andre
                              Your message has been successfully submitted and would be delivered to recipients shortly.