  1. #1

    Mounting NFS over SSH

    I've been agonizing over this for a couple of weeks. I am completely bewildered, and would appreciate any helpful input anyone can offer:

    I'm currently trying to mount an NFS drive off of a production server to a little test box I've set up so that I can route files to the server. Since NFS is so insecure, it was decided up above that I should tunnel the mount through an SSH connection. I was able to do this in a test environment, but on the production server I cannot get the mount to work.
    Server - RedHat Enterprise AS 3.0
    Client - RedHat Enterprise AS 2.1

    What I did:
    On the Server -
    I modified the /etc/init.d/nfs file to "pin" mountd to port 4402.
    I created the file /etc/exports and added the line
    /web/htdocs/lcms,all_squash,anonuid=702,anongid=702,insecure,sync)
    (702 refers to the user lcms, who has been set as the owner of the lcms folder.)
    then ran #exportfs -arv, which gave the following results
    exporting localhost.localdomain:/web/htdocs/lcms
    reexporting localhost.localdomain:/web/htdocs/lcms to kernel

    then I restart the sshd service, stop nfslock, nfs, restart portmap, start nfs and nfslock
    #service sshd restart
    #service nfslock stop
    #service nfs stop
    #service portmap restart
    #service nfs start
    #service nfslock start

    After that I configure the firewall through iptables. I have sunrpc (111) open on tcp and udp, port 22 (ssh) open on tcp and udp, and ports 250, 251 on tcp and udp.
    So that should set up the server.
    I can check the connection from the server to the client by running the following command on the client:
    #rpcinfo -p server_ip
    which gives me the following:
    program vers proto port
    100000 2 tcp 111 portmapper
    100000 2 udp 111 portmapper
    391002 2 tcp 32769 sgi_fam
    100024 1 udp 38360 status
    100024 1 tcp 41751 status
    100011 1 udp 637 rquotad
    100011 2 udp 637 rquotad
    100011 1 tcp 640 rquotad
    100011 2 tcp 640 rquotad
    100003 2 udp 2049 nfs
    100003 3 udp 2049 nfs
    100003 2 tcp 2049 nfs
    100003 3 tcp 2049 nfs
    100021 1 udp 47171 nlockmgr
    100021 3 udp 47171 nlockmgr
    100021 4 udp 47171 nlockmgr
    100021 1 tcp 59176 nlockmgr
    100021 3 tcp 59176 nlockmgr
    100021 4 tcp 59176 nlockmgr
    100005 1 udp 4402 mountd
    100005 1 tcp 4402 mountd
    100005 2 udp 4402 mountd
    100005 2 tcp 4402 mountd
    100005 3 udp 4402 mountd
    100005 3 tcp 4402 mountd

    Now on the client side I create two ssh connections to forward traffic from 250 to 2049 (nfs) and 251 to 4402 (mountd)
    #ssh root@server -L 250:localhost:2049 -f sleep 60m
    #ssh root@server -L 251:localhost:4402 -f sleep 60m

    I can check that this succeeded by going to the server and running
    #tail /var/log/messages
    which gives me the following:
    Jun 8 10:30:00 www sshd(pam_unix)[9032]: session opened for user root by (uid=0)
    Jun 8 10:30:16 www sshd(pam_unix)[9045]: session opened for user root by (uid=0)

    I then try to run a mount command
    #mount -t nfs -o rw,port=250,mountport=251 localhost:/web/htdocs/lcms /web/lcms/active
    this spits back an error
    mount: RPC: Unable to receive; errno = Connection refused

    hope someone out there can help!
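
An added example, not part of the original post or any reply: a shell check that reads `rpcinfo -p` output like the listing above, confirms that nfs and mountd each register exactly one TCP port (what a static `ssh -L` forward needs), and checks that a mount option string requests TCP, since SSH port forwarding carries TCP only. The function names and the embedded sample are constructed for illustration; local ports 250 and 251 are the ones used in the post.

```shell
#!/usr/bin/env bash
# Added example: sanity-check an NFS-over-SSH tunnel plan from `rpcinfo -p` output.

# Constructed sample: a subset of the nfs/mountd rows from the listing in the post.
SAMPLE_RPCINFO='program vers proto port
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100005 1 udp 4402 mountd
100005 3 tcp 4402 mountd'

# tcp_port SERVICE: read rpcinfo output on stdin and print the one TCP port
# the service is registered on. Fails when there is no TCP registration or
# the service sits on several ports (not pinned).
tcp_port() {
    awk -v svc="$1" '
        $3 == "tcp" && $5 == svc { seen[$4] = 1 }
        END {
            n = 0
            for (p in seen) { n++; port = p }
            if (n != 1) exit 1
            print port
        }'
}

# mount_opts_ok OPTS: succeed only if the comma-separated mount options ask
# for TCP transport; a mount that uses UDP never enters an ssh -L tunnel.
mount_opts_ok() {
    case ",$1," in
        *,tcp,*|*,proto=tcp,*) return 0 ;;
        *) return 1 ;;
    esac
}

# plan RPCINFO_TEXT NFS_LOCAL MOUNTD_LOCAL: print the two -L forward specs
# and a mount option string that keeps both NFS and mountd traffic on TCP.
plan() {
    plan_nfs=$(printf '%s\n' "$1" | tcp_port nfs) || { echo "nfs: no single TCP port" >&2; return 1; }
    plan_mountd=$(printf '%s\n' "$1" | tcp_port mountd) || { echo "mountd: not pinned to one TCP port" >&2; return 1; }
    echo "-L $2:localhost:$plan_nfs"
    echo "-L $3:localhost:$plan_mountd"
    echo "rw,tcp,port=$2,mountport=$3"
}

plan "$SAMPLE_RPCINFO" 250 251
```

On a live client the first argument to `plan` would be the output of `rpcinfo -p server_ip` instead of the constructed sample.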

  2. #2
    If you had any luck, I'd like to know.
    I've tried the same thing, ended up with the same errors...

    I know there's a fuse plugin called sshfs or something like that though...

    Also, there is this tutorial (didn't help): Sys Admin > Encrypted NFS with OpenSSH and Linux


  3. #3
    Hi, atrain!

    If you need help, please start a new thread because this one is more than 2 years old already.