What is SSH (Secure Shell) port tunneling?

For security reasons some services at Rutgers University require that a user's computer be directly connected to the Rutgers Network. These services cannot be accessed by computers that are connected to the Internet through an external Internet Service Provider (e.g AOL, Comcast, MSN). Usually in order to access protected services such as these users would need to download and install a VPN client.

Remote Drive Mapping With Samba is an example of a protected service that can only be accessed by computers on the Rutgers network. Instead of downloading and installing a VPN client, Mac OS X users have another option called SSH port tunneling. Through an SSH client port tunneling enables a local computer to create a secure, redirected connection to a service, such as remote drive mapping with Samba.

NOTE: Port tunneling on the RCI and Eden Central Server Systems is not supported by OIT. In the future this service may be turned off and then the only way to use remote drive mapping with Samba will be by setting up the VPN (Virtual Private Network)

What Do I Need To Use SSH Port Tunneling On Mac OS X?

The following will be needed to utilize SSH Port Tunneling on a Mac OS X computer:

1. A valid RCI NetID and password
2. An SSH Client (Comes pre-installed with Mac OS X)
3. The port number for Samba on RCI (port 445)

How Do I Do SSH Port Tunneling?

1. Open a Terminal Window
2. At the Mac OS X command prompt type in the ssh command in the following format:

   sudo ssh -l netid -L 139:rci.rutgers.edu:445 rci.rutgers.edu

   Where:
   • sudo- allows a user with administrative privileges on the machine to run a command as the root, or "super user".
   • ssh -l netid- tells the system to run SSH and connect with the username netid.
   • -L 139:rci.rutgers.edu:445-This is where the port tunneling is set up. This command tells the system to tunnel all connections to the local computer on port 139, through the SSH connection, to port 445 on the host rci.rutgers.edu.
   • rci.rutgers.edu- This is the remote host to which ssh is to connect to.

3. After the command is entered press ENTER
4. A password prompt will appear asking for the password of the account that is issuing the command on the local machine. This is not asking for the RCI NetID password
5. Press enter, and a password prompt will appear which reads:

   netid@rci.rutgers.edu's password:

   At this prompt enter the password associated with the RCI account.
6. After successfully logging in, any connection to the local machine on port 139 will be tunneled to port 445 on RCI trough the SSH connection.
7. Connect to the Samba shares on RCI by following the instructions at:Connecting To A Samba Directory but use smb://localhost/sharename instead of using smb://rci.rutgers.edu/sharename as the path to the shares.