Ok, I’ve seen recently quite a few people looking for information on how to get drive sharing working between Windows and Linux and the historical standard for this is “samba”, which makes your Linux box pretend to be a Windows box for the purposes of Windows drive sharing.
However (!) , instead of bending your Linux box and making it pretend to be a Windows server, consider the alternative solution where you bend your Windows machine and make it pretend to be a Linux client. Thinking about it, would you prefer to be running a Native Windows protocol, or a Native Linux protocol - on your network ??
Plus, using a native Linux protocol is easier to set up then Samba, and less likely to break every time you upgrade Ubuntu …
Here’s how if you want to try it;
- Stage # 1, make sure OpenSSH is installed on your Linux box (apt-get install openssh-server)
- Stage # 2, download and install Windows sshfs from here https://code.google.com/p/win-sshfs/downloads/list
- Stage # 3, click on the little yellow fish in your windows tool tray to activate your connection manager, enter a profile name, IP, user and password - pick a drive letter, then do “Save” and "Connect, and if you want the connection to be persistent, tick “mount at login”
Whereas in a commercial environment with lots of boxes etc, SAMBA can be a great asset, on a small scale sharing files over SSHFS is “much” easier. It also has a number of implicit benefits;
- It’ll work point to point over the Internet with no modification
- Connections are secure (i.e. encrypted)
- Connections are / can be implicitly compressed (you can turn this on/off in your ssh config)
- SSH doesn’t generate bucket loads of unwanted local network noise
Just a thought …
Nice … I shall have to take a looksee at this
SSH is the Unix Swiss army knife … if you want to do something, always check and see if SSH will do it before you try anything else …
fyi; I’m now running OpenVPN from my phone with JuiceSSH on top … so I can get to any core server [securely] over 3G re; a shell session to fix problems … a rather better solution that lugging a few Kg’s of laptop around “just in case” …
Another NSA proof solution from Linux foundries …
I’ve been considering posting this since I read the first post on this thread but feared it would come across as a bit of a stupid question but I’ve decided to throw caution to the wind so please go easy on me
I have a NAS server running Freenas 8 on my network which I can connect to easily within my LAN via samba but it seems samba can’t help me connect remotely and directly to my NAS via the internet at the moment I can connect indirectly through Team Viewer but that means a PC has to be running with Team Viewer opened up.
Bur this interested me
It'll work point to point over the Internet with no modification
so my question is can I use ssh to connect directly to my NAS remotely and securely without the need to have any PC’s switched on
I’m not saying I’m gonna attempt this as it looks a bit over my head my question is mainly hypothetical at the moment.
Hi Graeme, in principle the simple answer is “yes”.
However, in order for this to work your NAS box must have an address that’s visible to the Internet, so in practice there are a few other things to consider.
Q1. is your NAS visible (on port 22) from the Internet (if you have a standard home ADSL router / account, this is likely to be “no”)
Q2. does your NAS support file sharing via SSH (it sound like this is a “yes” from what you’ve said)
The “usual” solution here is to log in to your router, and tell it to forward all incoming traffic from the net to port 22 on the local address of your NAS box … “how” you do this will vary greatly from router to router. Assuming the firewall on your router is allowing port 22 (or assuming you modify the router to allow port 22) then this should “just work”.
Warning :: anything visible to the net is hackable - if you use SSH with a ‘password’, you may not want to do any of this. Normally under such circumstances you will use SSH with a ‘certificate’. On your Linux box you can use “ssh-keygen” to generate certificates, by default these will be created in your home folder under .ssh/id_rsa and .ssh/id_rsa.pub. The .pub file will need to be installed on your NAS, and the id_rsa will need to be installed on your laptop or whatever other device it is you’re using to access the NAS from the net … then you need to turn SSH password authentication off on your NAS. This will be about as secure as you can make it short of not sharing it over the net …
Note :: most ISP’s will issue “dynamic” IP addresses, so each time your router connects to the Internet it will get a different address, the effect will be that the address of your NAS will change from time to time - which could make life difficult for you (!) I would recommend paying a little extra and requesting a “static” IP address, in this instance your router’s IP (and consequently the IP of your NAS box) will remain the same. BT charge an additional £5 a month for a static IP on their BT infinity product, whereas Zen Internet include one in the price (last time I checked) …
As MP says, the major stumbling block will be that your external IP will change from time to time so you’ll not know what IP address to connect to.
There ARE ways around this
NoIP do a free dymanic DNS service:
where you run some software on your PC that detects when your IP changes and updates the address on their sever … so you’d always connect through a URL the’d give you that is always up to date.
But I have no idea if there’s a client (the software that detects the IP change) for freeNAS/BSD
Buffalo also do a dynamic DNS service for their linkstation NAS boxes.
I managed to do it once before using DynDns through ftp as an experiment but I was worried about security because as far as I understand ftp uses plain text to transmit data.
Setting up a secure connection was clearly beyond me so I scrapped the idea, but i never thought of ssh so when Mad Penguin posted his message regarding ssh it got me kinda interested, but after reading his explanation on how it would be done it still looks beyond me but I just thought I’d ask
DynDNS are no longer free … and if you’re gonna have to pay, you may as well just get a static IP
But yeah, once you overcome the dynamic IP there are a few ways you could go … such as samba (or anything else) over an openvpn tunnel, etc.
DynDNS are no longer free .. and if you're gonna have to pay, you may as well just get a static IP
That’s true but at that time it was free but apart from all the problems I’d likely have overcome I have that piece of crippled crapware Virgin Media call a Superhub and all that that implies re the port forwarding drama Pooky went through
In case you’ve forgot here’s a reminder of how you do port forwarding with the Superhub
if it open ready for you to have it open when it's open ready and you're not having it open then it's not going to be open but it is open ready
And you don’t understand that ?
And you don't understand that ?
of course I do I just wasn’t sure if you were quite up to speed on it that’s all