David, > From: "David B. Cook" <[EMAIL PROTECTED]> > Date: Thu, 18 Oct 2001 15:46:47 -0400 (EDT)
Thank you again, here we are fighting 6 hours time zone difference ;-) > Well you don't want to use the whole Windows environment over the > tunnel - it would be painfully slow. But to get filesystem access > (Network Neighbourhood) so that you can remotely access your DATA > files you need to point Network Neighbourhood at the localhost for > the tunnel. Just what my "road-warriors" want... > Get Tunellier to forward 137/138/139 from locahost... I have been using PuTTY this afternoon at work (I was wrong - it *does* support command line arguments and sessions) because it allows Public/Private Key Authentification (which allows me to revoke and renew a user's Public/Private Key pair without effecting the user's password and account) and have made a floppy which allows a Windows box to have tunnels to ports 13[7-9] on the Win NT Server inside the LEAF Firewall. I tested it from my Win NT work-station and a "netstat -a" at the cmd.exe prompt reveals a nice set of listening sockets on 127.0.0.1:13[7-9] However, now here at home, having shown that the SHH connection through the Firewall works (console, X forwarding etc.), I *can't* see the listening sockets on 127.0.0.1:13[7-9] on this Win 95 box with a "netstat -a". Seems like a Win NT/Win 95 difference. I will have to investigate... > ... then go Start -> Find -> Computer and type in "\\127.0.0.1\" and > Find Now. This should get you to the remote end of the tunnel. My problem was finding the "Microsoft-ism" to access my end of the tunnel. Thanks, now I know what to try (on a *non* Win 95 box!). > It is important to remember that the tunnel emminates from the > machine where the ssh server resides but it does not need to be > pointed at it. It can be Samba on the that server or something else > on that LAN. The day before yesterday I *wouldn't* have twigged the above, today I already did. My SSH tunnel through the Firewall ends at a Linux box on the lan, but forwards the connections to the Win NT Server on the lan. > If you don't want to use \\127.0.0.1\ then you can try adding MS > Loopback as an additional adapter to your WinXX machine and give it > a non-127.0.0.1 address probably in one of the non-routable blocks > ie;172.16.1.1. Then you don't blow away localhost functionality of > whatever you tunnel. Sorry, I don't understand the above. What do you mean with "don't blow away localhost functionality of whatever you tunnel" ? Also, "Route print" (on my Win 95 box) does show 127.0.0.1, but how do I "add MS Loopback as an additional adapter" and give a non-routable IP address? Linux I can manage, but this MS stuff... ;-) > dbc. Greetings Mark > On Thu, 18 Oct 2001, Mark Plowman wrote: > > > David, > > > > > From: "David B. Cook" <[EMAIL PROTECTED]> > > > Cc: <[EMAIL PROTECTED]> > > > Date: Thu, 11 Oct 2001 09:47:28 -0400 (EDT) > > > > > > Port forwarding through ssh is a *fabulous* solution. > > > > I am new to this (forwarding through ssh), but *indeed* it does > > look neat. > > > > > > > Look at Tunnelier (http://www.bitvise.com/tunnelier.html) for > > > WinX environments. > > > > Thanks! I am also investigating various other possibilities, > > PuTTY comes into the picture for me because it supports Public Key > > authentification whilst I don't think Tunnelier does (or am I > > wrong?). But on the other hand PuTTY doesn't appear to support > > configuration files and command line parameters (drat!). > > > > > > > I forward 137/138/139 to my house and I can use my Samba shares > > > from anywhere through an encrypted tunnel. > > > > OK, here comes the question: > > > > Yesterday I was playing with this, forwarding 137/138/139 through > > an encryted tunnel (still *on* the company network - I haven't yet > > punctured my LEAF Firewall!) from a Win NT box to a Linux box. > > > > Experiments with tunneling HTTP were easy, point browser at > > localhost or configure the browser with localhost as proxy and > > Bingo! > > > > However, how do I get the MS client software (this is for rodent > > bound road-warriors) to look into the tunnel? Or did you do it > > with SAMBA related tools on Linux? > > > > > > > MS functionality without their security problems! (I know, > > > technically I have extended the risk element on associated > > > server procs from my server to the end-of-line Windows device > > > ... but don't burst my bubble!) > > > > Yeah, it's nice, but the worries persist... > > > > > > Greetings > > > > Mark _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
