2

This question is very similar but also distinctly different (How do I ensure data encryption on Samba transmission on *NIX systems?)

I'm looking to set up remote access to a NAS unit locally sharing via samba. I'd like to set up access on a remote PC (all windows) that would see the NAS unit as a mapped network drive.

From what I understand I have two options (I'm open to more this is just all I am aware of at the moment):

  1. Set up a dynamic IP hostname, forward the necessary ports, and map the net work drive on the remote system. (how much of this is encrypted/secure?)
  2. Set up a VPN server and have the user connect to my network to have access to the mapped network drive. (should encrypt everything)

Option 2 would be the obvious choice however I don't want all of the network traffic on the remote PC to also go through the VPN. I want only the mapped network drive interactions to go through the VPN. Is this possible? Is another approach better for achieving this?

In addition I don't want the remote PC to have to manually connect/disconnect to gain access, and furthermore, they may have an existing VPN they are already routing through. Am I asking for too much?

If it matters, the NAS I have in mind is Synology.

Community
  • 1
Enigma
  • 163
  • 1
  • 6

1 Answers1

1

My preferred method is SSHFS.

Your NAS server runs a SSH server which you then connect to from your remote machine. Leveraging SSHFS it will mount a drive on your remote machine via SSH (secure, encrypted) from the server you specify.

I've not used the windows client version so YMMV.

https://www.digitalocean.com/community/tutorials/how-to-use-sshfs-to-mount-remote-file-systems-over-ssh

HTH

Ajaxasaur
  • 466
  • 2
  • 7
  • 1
    Superb, I'll have to give this a try. – Enigma Mar 31 '15 at 19:28
  • i didnt notice in your original post, you may have to manually connect if there is a disconnect, im not up to speed on any autoconnecting ssh clients. just a fyi, YMMV – Ajaxasaur Mar 31 '15 at 19:34
  • 1
    The Win GUI seems to map it to a drive letter so I'm guessing it falls back on however that gets handled on the OS level. It saves the info and probably auto-connects periodically if it was detected as disconnected. – Enigma Mar 31 '15 at 19:37
  • Cool, hope it works out well for you. :) – Ajaxasaur Mar 31 '15 at 19:38
  • 1
    Unfortunately this doesn't appear to work on Windows > 7 due to Dokan dependencies. – Enigma May 08 '15 at 15:37