Loading ...
Sorry, an error occurred while loading the content.

Re: [nslu2-general] Re: Mapping the slug as a drive over the net

Expand Messages
  • Lennart Börjeson
    Oops... I assumed you were running either unslung or openslug, sorry. The stock Linksys firmware can only export Windows shares. While possible, it is not a
    Message 1 of 17 , Feb 2, 2006
    • 0 Attachment
      Oops...

      I assumed you were running either unslung or openslug, sorry.

      The stock Linksys firmware can only export Windows shares. While possible, it
      is not a good idea to expose Windows share on the Internet. As soon as your
      SMB ports are visible on the net, your slug will be assualted by breakin
      attempts, which, even if the slug will probably resist them better than a
      Windows system, will at the least steal bandwidth from your Internet
      connection and CPU capacity from your slug which will be busy rejecting
      access requests.

      The only way to do it would be to have some kind of VPN gateway between the
      slug and Internet, with a suitable VPN client on your Windows system.

      On the other hand, why can't you install unslung or openslug? Do you need NTFS
      disks? As I wrote in another post, you can use WinSCP on a Windows client to
      access openssh on the slug.

      /Lennart

      torsdag 02 februari 2006 13:58 skrev simonhancock1967:
      > Perhaps I should have mentioned...
      >
      > The slug is running the Linksys firmware (R63) and the client
      > machine will always be Windows.
      >
      > Simon
      >
      > --- In nslu2-general@yahoogroups.com, Lennart Börjeson
      >
      > <Lennart.Borjeson@...> wrote:
      > > I do this with a combination of
      > >
      > > openssh on the slug
      > > fuse and sshfs on the client
      > >
      > > References:
      > >
      > > http://www.nslu2-linux.org/wiki/HowTo/UseOpenSSHForRemoteAccess
      > > http://fuse.sourceforge.net/
      > > http://fuse.sourceforge.net/sshfs.html
      > >
      > > /Lennart
      > >
      > > torsdag 02 februari 2006 10:44 skrev simonhancock1967:
      > > > I'd like to be able to access the data on my slug over the
      >
      > internet.
      >
      > > > If I forward the router port 20-21 to the slug I can access the
      >
      > data
      >
      > > > via ftp. If forward port 80 I can get my browser to see the slug
      >
      > main
      >
      > > > page and navigate from there. What I'd like to do is just set it
      >
      > up so
      >
      > > > the slug just appears as a mapped network drive. I can't seem to
      >
      > get
      >
      > > > this to work.
      > > >
      > > > The main reason for wanting to do this is to have a slug
      >
      > directory as
      >
      > > > my music library for ITunes running on my remote computer (Is
      >
      > this
      >
      > > > feasible? My upload speed at home is 256kbs).
      > > >
      > > > Thanks
      >
      > Yahoo! Groups Links
      >
      >
      >

      --
      !++
      ! Lennart Börjeson
      ! Starrängsringen 2
      ! S-115 50 STOCKHOLM
      ! Sverige/Sweden/Schweden/Suède
      ! mailto:Lennart.Borjeson@...
      ! phone:+46-8-6644216
      ! gsm:+46-70-5555150
      !--
    • Ludo
      Hi, You can open the SMB port on your firewall/router, but that would be kind of risky. Or call it st*p*d:) Yes, the best normal practice would be to buy a
      Message 2 of 17 , Feb 2, 2006
      • 0 Attachment
        Hi,

        You can open the SMB port on your firewall/router, but that would be kind of
        risky. Or call it st*p*d:)

        Yes, the best normal practice would be to buy a cheap VPN enabled router,
        like the Draytek Vigor range (2200 for cable internet for instance, capable
        of doing 8 simultaneous VPN connections to the router itself) for about
        80euros. This I do all the time to connect to home. You won't need another
        computer arranging VPN traffic, the router does it all by itself. VPN to the
        router and you can connect to every computer connected to the router (in
        router, by hub/switch or by wifi accesspoint for example) at your (home)
        location. Easy to set up too.

        That way you'll have save and encrypted traffic over VPN, and behave on the
        Net as you would do at home.

        Good luck,

        Ludo

        ----- Original Message -----
        From: <c.j.watts@...>
        To: <nslu2-general@yahoogroups.com>
        Sent: Thursday, February 02, 2006 2:22 PM
        Subject: RE: [nslu2-general] Re: Mapping the slug as a drive over the net


        > Unless you load something other than Linksys firmware and run openvpn the
        > only thing I can think of is buy a VPN router and set up a tunnel between
        > the NSLU2 and the net.
        >
        > Chris
        >
        >
        >>
        >>Perhaps I should have mentioned...
        >>
        >>The slug is running the Linksys firmware (R63) and the client
        >>machine will always be Windows.
        >>
        >>Simon
        >>
        >
        >
        >
        > Yahoo! Groups Links
        >
        >
        >
        >
        >
      • Vincent Fare
        Hi ! Yep for my part too, it s the best solution. Except that I tried to install it on a synology DS 101, and it seems to be impossible just because of the
        Message 3 of 17 , Feb 2, 2006
        • 0 Attachment
          Hi !

          Yep for my part too, it's the best solution.
          Except that I tried to install it on a synology DS 101, and it seems to
          be impossible just because of the file tun.o
          I think there non problem on nslu2, but is there anyone who try and
          success on a DS 101 ?

          byebye.
          Vincent.

          Ludo a écrit :

          >Hi,
          >
          >You can open the SMB port on your firewall/router, but that would be kind of
          >risky. Or call it st*p*d:)
          >
          >Yes, the best normal practice would be to buy a cheap VPN enabled router,
          >like the Draytek Vigor range (2200 for cable internet for instance, capable
          >of doing 8 simultaneous VPN connections to the router itself) for about
          >80euros. This I do all the time to connect to home. You won't need another
          >computer arranging VPN traffic, the router does it all by itself. VPN to the
          >router and you can connect to every computer connected to the router (in
          >router, by hub/switch or by wifi accesspoint for example) at your (home)
          >location. Easy to set up too.
          >
          >That way you'll have save and encrypted traffic over VPN, and behave on the
          >Net as you would do at home.
          >
          >Good luck,
          >
          >Ludo
          >
          >----- Original Message -----
          >From: <c.j.watts@...>
          >To: <nslu2-general@yahoogroups.com>
          >Sent: Thursday, February 02, 2006 2:22 PM
          >Subject: RE: [nslu2-general] Re: Mapping the slug as a drive over the net
          >
          >
          >
          >
          >>Unless you load something other than Linksys firmware and run openvpn the
          >>only thing I can think of is buy a VPN router and set up a tunnel between
          >>the NSLU2 and the net.
          >>
          >>Chris
          >>
          >>
          >>
          >>
          >>>Perhaps I should have mentioned...
          >>>
          >>>The slug is running the Linksys firmware (R63) and the client
          >>>machine will always be Windows.
          >>>
          >>>Simon

          [ads removed by moderator. - please remove all ads from your reply messages]
        • Matt McNeill
          Simon, I run Unslung 5.5 with Samba shares which I share over the net. I run Windows XP on my work box. I opened port 22 (SSH) in my firewall which forwards to
          Message 4 of 17 , Feb 2, 2006
          • 0 Attachment
            Simon,

            I run Unslung 5.5 with Samba shares which I share over the net.

            I run Windows XP on my work box.

            I opened port 22 (SSH) in my firewall which forwards to my slug. I have
            configured the slug only to accept key authentication as per:

            http://www.nslu2-linux.org/wiki/HowTo/UseOpenSSHForRemoteAccess

            In this same wiki page there is a section called: "Remote access to
            Samba shares over SSH". Read this and have a look at the link referenced
            there;

            http://lists.samba.org/archive/samba/2004-May/085358.html

            this gives you the background to setting up Putty to forward ports 139
            and 445 over the SSH tunnel and configure the loop-back adapter,
            particularly the following:

            --8<--
            In the properties pages for the new loopback adapter, disable (don't
            uninstall) "Client for Microsoft Networks", "File and Printer Sharing
            for Microsoft Networks" and anything else except "Internet Protocol
            TCP/IP)".

            In the properties dialog for "Internet Protocol (TCP/IP)" for the
            adapter, check "Use the following IP address:" and then give the adapter
            a fixed IP address (not in the 127.*.*.* range, it will not accept it).
            --8<--

            You can then set up a batch file which you just have to run to establish
            the tunnel (assuming that your key is loaded into pagent) and then you
            can access your shares via mappings to \\10.0.0.1\myshare\ or something
            like that. (the samba link above recommends using an ipaddress of
            222.222.222.222 - but I just use 10.0.0.1).

            --8<--
            @echo off

            ".\plink.exe" username@... -ssh -N -v -batch -L
            10.0.0.1:139:127.0.0.1:139 -L 10.0.0.1:445:127.0.0.1:445 -L

            REM If you are running Windows 95 or 98, you can uncomment the following
            "choice" line to REM insert a delay of 5 seconds before the connection
            tries to re-establish.

            REM choice /cX /t:X,5 > nul REM call tunnel.bat
            --8<--

            It's easy, nice and neat, and is nowhere near as hard as setting up VPN!

            Try it out and write back here if you have problems.


            simonhancock1967 wrote:
            > I'd like to be able to access the data on my slug over the internet.
            > If I forward the router port 20-21 to the slug I can access the data
            > via ftp. If forward port 80 I can get my browser to see the slug main
            > page and navigate from there. What I'd like to do is just set it up so
            > the slug just appears as a mapped network drive. I can't seem to get
            > this to work.
            >
            > The main reason for wanting to do this is to have a slug directory as
            > my music library for ITunes running on my remote computer (Is this
            > feasible? My upload speed at home is 256kbs).
            >
            > Thanks
          • pepesz76
            Hello Matt, I tried to use your directions and I half way to success. After executing tunnel.bat: . plink.exe username@myserver.ipaddress.com -ssh -i
            Message 5 of 17 , Feb 2, 2006
            • 0 Attachment
              Hello Matt,

              I tried to use your directions and I half way to success.
              After executing tunnel.bat:

              ".\plink.exe" username@... -ssh -i auth_key.ppk -N -v -batch -L
              10.0.0.1:139:127.0.0.1:139 -L 10.0.0.1:445:127.0.0.1:445

              I got:

              --8<--
              Server version: SSH-1.99-OpenSSH_4.2
              We claim version: SSH-2.0-PuTTY_Release_0.58
              Using SSH protocol version 2
              Doing Diffie-Hellman group exchange
              Doing Diffie-Hellman key exchange
              Host key fingerprint is:
              ssh-rsa 1024 f9:ea:f9:cd:ad:a4:51:f9:1a:b0:97:a4:7f:e4:d1:2f
              Initialised AES-256 client->server encryption
              Initialised HMAC-SHA1 client->server MAC algorithm
              Initialised AES-256 server->client encryption
              Initialised HMAC-SHA1 server->client MAC algorithm
              Using username "lukasz".
              Reading private key file "auth_key.ppk"
              Offered public key
              Offer of public key accepted
              Authenticating with public key "rsa-key-20050317"
              Access granted
              Local port 10.0.0.1:139 forwarding to 127.0.0.1:139
              Local port 10.0.0.1:445 forwarding to 127.0.0.1:445 failed: Network error: Permission denied
              --8<--

              I'm able to map \\10.0.0.1\myshare but it seems to be slow...
              How can I solve "Local port 10.0.0.1:445 forwarding to 127.0.0.1:445
              failed: Network error: Permission denied" problem ? Any idea? Thanks a
              lot.


              --
              Best regards,
              pepesz76 mailto:pepesz76@...


              Please avoid sending me Word or PowerPoint attachments.
              See http://www.gnu.org/philosophy/no-word-attachments.html
            • Matt McNeill
              Ahh yes - I get that error too. The speed is probably slow due to the fact that the little slug is doing a lot of data encryption processing. I think the 445
              Message 6 of 17 , Feb 3, 2006
              • 0 Attachment
                Ahh yes - I get that error too. The speed is probably slow due to the
                fact that the little slug is doing a lot of data encryption processing.

                I think the 445 is the preferred port for XP/2000/2003 to connect to
                with the TCP/IP samba protocol, and if it fails to make a connection on
                445 then it defaults to 139. See:

                http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm

                I would be interested if anyone has any thoughts about the 445
                permission denied issue.

                Matt


                pepesz76 wrote:
                > Hello Matt,
                >
                > I tried to use your directions and I half way to success.
                > After executing tunnel.bat:
                >
                > ".\plink.exe" username@... -ssh -i auth_key.ppk -N -v -batch -L
                > 10.0.0.1:139:127.0.0.1:139 -L 10.0.0.1:445:127.0.0.1:445
                >
                > I got:
                >
                > --8<--
                > Server version: SSH-1.99-OpenSSH_4.2
                > We claim version: SSH-2.0-PuTTY_Release_0.58
                > Using SSH protocol version 2
                > Doing Diffie-Hellman group exchange
                > Doing Diffie-Hellman key exchange
                > Host key fingerprint is:
                > ssh-rsa 1024 f9:ea:f9:cd:ad:a4:51:f9:1a:b0:97:a4:7f:e4:d1:2f
                > Initialised AES-256 client->server encryption
                > Initialised HMAC-SHA1 client->server MAC algorithm
                > Initialised AES-256 server->client encryption
                > Initialised HMAC-SHA1 server->client MAC algorithm
                > Using username "lukasz".
                > Reading private key file "auth_key.ppk"
                > Offered public key
                > Offer of public key accepted
                > Authenticating with public key "rsa-key-20050317"
                > Access granted
                > Local port 10.0.0.1:139 forwarding to 127.0.0.1:139
                > Local port 10.0.0.1:445 forwarding to 127.0.0.1:445 failed: Network error: Permission denied
                > --8<--
                >
                > I'm able to map \\10.0.0.1\myshare but it seems to be slow...
                > How can I solve "Local port 10.0.0.1:445 forwarding to 127.0.0.1:445
                > failed: Network error: Permission denied" problem ? Any idea? Thanks a
                > lot.
                >
                >
              • pepesz76
                Hello Matt, ... The transfer is about 140kB/s while when I use ftp over tls or scp it goes to 240kB/s (that s my bandwidth). I assume that data encryption
                Message 7 of 17 , Feb 3, 2006
                • 0 Attachment
                  Hello Matt,

                  Friday, February 3, 2006, 2:32:03 PM, you wrote:

                  > Ahh yes - I get that error too. The speed is probably slow due to the
                  > fact that the little slug is doing a lot of data encryption processing.


                  The transfer is about 140kB/s while when I use 'ftp over tls' or 'scp'
                  it goes to 240kB/s (that's my bandwidth). I assume that data
                  encryption processing in that case is more/less the same as in case of
                  samba over ssl?

                  I might be mistaken but the top shows 80% idle when transferring data
                  with samba over ssl (mapping):

                  ---8<---
                  top - 15:42:55 up 1 day, 17:43, 4 users, load average: 1.16, 1.12, 1.06
                  Tasks: 79 total, 1 running, 78 sleeping, 0 stopped, 0 zombie
                  Cpu(s): 11.7% user, 7.9% system, 0.0% nice, 80.4% idle
                  Mem: 30520k total, 29972k used, 548k free, 688k buffers
                  Swap: 56220k total, 27516k used, 28704k free, 15800k cached

                  PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
                  3792 lukasz 12 0 1688 1620 1436 S 10.5 5.3 0:18.28 sshd
                  3797 root 16 0 996 996 772 R 4.8 3.3 0:05.63 top
                  3794 root 9 0 2240 2216 1908 S 1.3 7.3 0:03.59 smbd
                  53 root 10 0 0 0 0 D 1.0 0.0 10:01.67 ixp425_csr
                  10 root 9 0 0 0 0 S 0.3 0.0 0:31.68 usb-storage-1
                  3712 root 9 0 1088 896 896 S 0.3 2.9 0:06.55 sshd
                  ---8<---




                  --
                  Best regards,
                  pepesz76 mailto:pepesz76@...
                • Matt McNeill
                  Good point Pep, I haven t broken down any metrics to the detail that you did. Definitely something in what you say. I have no idea why we can t forward to 445,
                  Message 8 of 17 , Feb 4, 2006
                  • 0 Attachment
                    Good point Pep,

                    I haven't broken down any metrics to the detail that you did. Definitely
                    something in what you say. I have no idea why we can't forward to 445,
                    and since my slug crashed last week I can't do any testing myself.

                    Let me know if you find out anything further.

                    Matt


                    pepesz76 wrote:
                    > Hello Matt,
                    >
                    > Friday, February 3, 2006, 2:32:03 PM, you wrote:
                    >
                    >> Ahh yes - I get that error too. The speed is probably slow due to the
                    >> fact that the little slug is doing a lot of data encryption processing.
                    >
                    >
                    > The transfer is about 140kB/s while when I use 'ftp over tls' or 'scp'
                    > it goes to 240kB/s (that's my bandwidth). I assume that data
                    > encryption processing in that case is more/less the same as in case of
                    > samba over ssl?
                    >
                    > I might be mistaken but the top shows 80% idle when transferring data
                    > with samba over ssl (mapping):
                    >
                    > ---8<---
                    > top - 15:42:55 up 1 day, 17:43, 4 users, load average: 1.16, 1.12, 1.06
                    > Tasks: 79 total, 1 running, 78 sleeping, 0 stopped, 0 zombie
                    > Cpu(s): 11.7% user, 7.9% system, 0.0% nice, 80.4% idle
                    > Mem: 30520k total, 29972k used, 548k free, 688k buffers
                    > Swap: 56220k total, 27516k used, 28704k free, 15800k cached
                    >
                    > PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
                    > 3792 lukasz 12 0 1688 1620 1436 S 10.5 5.3 0:18.28 sshd
                    > 3797 root 16 0 996 996 772 R 4.8 3.3 0:05.63 top
                    > 3794 root 9 0 2240 2216 1908 S 1.3 7.3 0:03.59 smbd
                    > 53 root 10 0 0 0 0 D 1.0 0.0 10:01.67 ixp425_csr
                    > 10 root 9 0 0 0 0 S 0.3 0.0 0:31.68 usb-storage-1
                    > 3712 root 9 0 1088 896 896 S 0.3 2.9 0:06.55 sshd
                    > ---8<---
                    >
                    >
                    >
                    >
                  • Philip Johnson
                    (apologies if part of all of this email is formatted incorrectly, not using my normal email client) ... How about Apache + WebDAV? Practically every modern
                    Message 9 of 17 , Feb 4, 2006
                    • 0 Attachment
                      (apologies if part of all of this email is formatted incorrectly, not
                      using my normal email client)

                      On 2/2/06, simonhancock1967 <simon@...> wrote:
                      > [snippety snip]
                      > What I'd like to do is just set it up so
                      > the slug just appears as a mapped network drive.
                      > [snippety snip]

                      How about Apache + WebDAV? Practically every modern operating supports
                      mounting and mapping WebDAV shares as a drive, and its reasonably easy
                      to get working too.
                      Googling apache + webdav brings up a plethora of results.

                      Regards,
                      ----
                      Philip Johnson (PlasticMonkey) <plasticmonkey@...>
                      Office Tel: +44 (0)20 7870 2206 Skype Me: plasticmonkey
                      IRC.freenode.net: philipjohnson Jabber/GTalk:
                      plasticmonkey@...
                      http://www.phillybob.co.uk http://www.pixelgeek.co.uk
                      ----
                      GPG fingerprint = 3EC6 C5B6 FCF1 1FB5 C071 FF64 E7A3 1E3A 3A8F 766B
                      ----
                    Your message has been successfully submitted and would be delivered to recipients shortly.