Comments on: Leopard Broke SMB Tunnel Mounting via Finder http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunneling tail -f /dev/brain >> blog.newsyland.com Tue, 02 Feb 2010 16:08:37 +0000 hourly 1 http://wordpress.org/?v=3.0 By: Konstantin Läufer http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunneling/comment-page-1#comment-4 Konstantin Läufer Sun, 29 Nov 2009 13:04:50 +0000 http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunnelling#comment-4 Great post and comment! Thanks a lot. I have finally restored transparent remote access to my files. One more addition: you can avoid having to run ssh as root by using a local port above 139. For example, I use 1139. The corresponding server address to enter after Command-K in the finder is cifs://user@127.0.0.2:1139/share Great post and comment! Thanks a lot. I have finally restored transparent remote access to my files.

One more addition: you can avoid having to run ssh as root by using a local port above 139. For example, I use 1139. The corresponding server address to enter after Command-K in the finder is

cifs://user@127.0.0.2:1139/share

]]> By: Rémi Prévost http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunneling/comment-page-1#comment-3 Rémi Prévost Fri, 13 Nov 2009 16:40:53 +0000 http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunnelling#comment-3 Thank you so much for this post! It's a shame that Apple removed this feature from Leopard (but still allows it via command line). Now I can mount SMB shares from work at home :D Thank you so much for this post! It’s a shame that Apple removed this feature from Leopard (but still allows it via command line).

Now I can mount SMB shares from work at home :D

]]> By: Solomon Ford http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunneling/comment-page-1#comment-2 Solomon Ford Fri, 28 Dec 2007 21:37:40 +0000 http://blog.newsyland.com/mac-os-x/leopard-broke-smb-tunnelling#comment-2 You can also set up an alias for loopback interface from the terminal as follows: sudo ifconfig lo0 alias 127.0.0.2 up "127.0.0.2" can be any 127.0.0.x address you like, aside from .1, and it will work just like 127.0.0.1 does. Once you do this--and properly configure your ssh tunnel--you can Command-K from the Finder, and Leopard will happily connect using this new address instead. The nice thing is this alias will stick around forever, or until you run the same command except with a "-alias". (Using this trick, there's no need to mount_smb by hand through the Terminal; pre-Leopard behavior is essentially restored.) Just like with pre-10.5, keep in mind your ssh will need to forward both TCP 139 and 445, and you'll have to run the ssh command as root in order to allow forwarding those privileged port numbers (which is anything below 1024). I just created my ~/.ssh/config file to reflect the funky port forwarding for that host, and then call it using the following command: sudo ssh remote_login_name@remote_server_name -F /Users/my_login/.ssh/config Here is the relevant excerpt from my ~/.ssh/config file... Host remote_server_name User remote_login_name LocalForward 127.0.0.2:139 remote_ip_address:139 LocalForward 127.0.0.2:445 remote_ip_address:445 Finally, a caveat about connecting to a Windows machine using this method... Since Windows machines do not respond to SMB requests on 127.0.0.1, you will need to point your ssh config either to the IP address of the 'Microsoft Loopback Adapter' you manually installed (refer to other sources of info on the web about how to do this; it's pretty easy), or you will have to point your ssh config to the remote server's *non-loopback* IP address. If you are using the second method, be ABSOLUTELY sure you limit access to 'File and Printer Sharing' using the Windows Firewall or a hardware firewall. Good luck! You can also set up an alias for loopback interface from the terminal as follows:

sudo ifconfig lo0 alias 127.0.0.2 up

“127.0.0.2″ can be any 127.0.0.x address you like, aside from .1, and it will work just like 127.0.0.1 does. Once you do this–and properly configure your ssh tunnel–you can Command-K from the Finder, and Leopard will happily connect using this new address instead. The nice thing is this alias will stick around forever, or until you run the same command except with a “-alias”. (Using this trick, there’s no need to mount_smb by hand through the Terminal; pre-Leopard behavior is essentially restored.)

Just like with pre-10.5, keep in mind your ssh will need to forward both TCP 139 and 445, and you’ll have to run the ssh command as root in order to allow forwarding those privileged port numbers (which is anything below 1024). I just created my ~/.ssh/config file to reflect the funky port forwarding for that host, and then call it using the following command:

sudo ssh remote_login_name@remote_server_name -F /Users/my_login/.ssh/config

Here is the relevant excerpt from my ~/.ssh/config file…

Host remote_server_name
User remote_login_name
LocalForward 127.0.0.2:139 remote_ip_address:139
LocalForward 127.0.0.2:445 remote_ip_address:445

Finally, a caveat about connecting to a Windows machine using this method…

Since Windows machines do not respond to SMB requests on 127.0.0.1, you will need to point your ssh config either to the IP address of the ‘Microsoft Loopback Adapter’ you manually installed (refer to other sources of info on the web about how to do this; it’s pretty easy), or you will have to point your ssh config to the remote server’s *non-loopback* IP address. If you are using the second method, be ABSOLUTELY sure you limit access to ‘File and Printer Sharing’ using the Windows Firewall or a hardware firewall.

Good luck!

]]>