Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Apr 2013
How to securely share files over the internet?
I'm really lost, I thought it would be really easy to be able to safely share files that are stored on my server over the internet, so that I can access them from anywhere. But it turns out it's almost impossible! I've tried OpenVPN multiple times, Openswan and even ownCloud, but I couldn't get them to work (except for ownCloud, but I disliked it). Am I missing something? Do any of you know an easy way to share files securely over the internet?
This is what I want:
- To be able to access my files through Windows Explorer (i.e. be able to map the shared folder as a network drive in Windows)
- To be able to open the files directly, without having to download them first (as is the case with a FTP-server), so I can stream my music files
- An encrypted connection, so noboby can intercept the data I am sending to and receiving from the server
This is what I have:
- A fast internet connection (100mbit)
- A Ubuntu 12.04LTS Server
- Two laptops running Windows 7 - these are the machines that should be able to access the files on the server
This is what I've tried:
- Setting up a VPN (using OpenVPN and Openswan, using all kinds of different VPN Clients)
- 'Tunneling Samba through SSL' - although I don't really understand what this means..
- Setting up ownCloud, but that didn't allow me open the whole shared drive in Windows Explorer and I also doubt the security of it
None of these things worked, obviously.
I'm already running a Samba server which allows me to access the server's files through my LAN, but I don't think it's really secure to open the Samba server up to connections from outside the LAN, or is it?
So my question actually is: How do I make my files safely accessible through the internet? There must be an easy way to do this, as this is one of the first things you want to do once you have your own server, right?
Thanks a lot in advance, I'm looking forward to your responses! (please keep in mind that I don't have much experience with Linux networking)
To be honest, this hardly ever comes up - most people don't want to share their files securely over the internet. Most of the time they want to prevent people from accessing them.
I have complete secure access to my files on my server, but I run Linux both ends. I use the fuse ssh filesystem module, I have this kind of arrangement:
Server <- A -> Firewall <- B -> internet <- C -> laptop/tablet (or whatever) device
A: my local network in my house
B: my isp connection with non-standard SSH port forwarded to my server
C: whatever network connection I'm on.
I have a key-based login set up using ssh, allowing my laptop to connect to the server using my private/public key pair that allows me access. The fuse module sits on top of this and uses the connection, it just lets me browse my files using sftp (secure ftp).
As it happens, I'd never trust this arrangement to work if I was trying to use the Windwos SMB protocol or Samba (which implements it for Linux), I'd stick to using ssh and a Linux client. I think you have two clear options:
1. set up your laptop(s) to be running a flavour of Linux so you can use this
2. persevere with the 'tunneling samba through ssl' option.
It does, of course, depend on what you're trying to do with your files - if you just need to edit them and it can be done on the server, you might find it easier to forward a VNC session over the network connection and have a server desktop session displayed in a window on the laptop. That'd give you control enough to manipulate the files remotely.
- Join Date
- Apr 2013
I'm very surprised that not more people want this. But I continued trying to tunnel Samba through SSH, and I finally got it working, thanks to this guide! nikhef.nl/~janjust/CifsOverSSH/VistaLoopback.html
It works very well now, but Roxoff, can you explain why you'd never trust this arrangement? What are the risks? I'm not scared by very technical answers.
- Join Date
- May 2006
1. As it's proprietary, then I cannot be sure that there aren't things in there that can be compromised easily. This is partly alleviated by running it over ssh...
2. Its bloatware, the protocol is large and somewhat unwieldy. It certainly isn't designed for use over narrow-bandwidth connections, and hence is slow and wasteful
3. I don't have any Windwos clients that I take anywhere. All my portable stuff runs a version of Linux (and, now, Android too) so it's just never needed.
4. ssh is really easy, really secure, and really fast. I have no reason to make ssh work then go through the pain of making run samba over it.
These, of course, are my reasons. You have to make decisions about what you want to use to support what you do, don't use my reasons to make your decision.