Network Security SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa
Using SSH Tunneling SMB Mount Remote Desktop
Direct Connect Share client SMB file server Port 139
Tunnel SMB file server Share client SSH client SSH server Port 22 encrypted Port 139 sshd Port 139
Download Tools Setup lmhosts rpccfg.exe Search for rpccfg C:\windows\system32\drivers\etc\lmhosts smb00
Set TCP Port 135 Listen only on interfaces specified by Bind value HKLM\System\CurrentControlSet\Services\ RpcSs Add ListenOnInternet REG_SZ N Reboot
Configure RPC Configure host not to listen on :135 rpccfg –l Select interface number of non-loopback interface rpccfg -a Reboot
Setup SecureCRT (or Favorite SSH Program) SecureCRT Tunnel Ports Z:"Port Forward Table V2"= port135| ,135|1| |135|| port139| ,139|1| |139|| Setup “Port Forward Filter” =allow, / ,0 allow, / deny, / ,0
Remote Desktop Tunnel Basic Setup Make sure remote assistance and remote desktop are turned off under Start | Control Panel | System | Remote Setup SSH with local port 3389 forwarded to remote port 3389 on target Windows computer
Setup Modified mstsc.exe Allow connections to Copy c:\windows\systems32\mstsc.exe and mstscax.dll to another folder Set mstsc.exe in new location to run in Windows 98 compatible mode.
Connect via Remote Desktop Connect SSH session Start modified mstsc.exe Connect to Login as usual