-   Linux - Security (
-   -   NFS mount over SSH tunnel (

rubanek 06-14-2012 03:50 PM

NFS mount over SSH tunnel
I have two private networks separated by public internet. I cannot set up a proper VPN. I'll identify the two private networks as network A and network B. I have a Centos6 (nodeA) box on network A that needs mount an NFS volume from network B. The NFS service is running on a Netapp appliance and is in production (so I can't statically configure the various NFS service ports). What I was thinking I might be able to do is set up an SSH tunnel between nodeA and a bastion host on network B (nodeB). Let's say the IP address of the netapp appliance in network B was

I was thinking I might be able to set up some sort of tunnel from nodeA to nodeB i.e. ssh root@nodeB -L 0-65535:

Then I could configure nodeA:/etc/fstab such that it would mount the NFS server as There doesn't seem to be a "range" option with using the "-L" ssh option. 0-65535 is definitely an overkill. I suppose I just need portmap port of 111 and all non privileged ports 1024-65535. However, you get the point?

Eventually I'm going to set up a proper VPN between these two private subnets, however that's 2 weeks away and I'm hoping to come up with a temporary solution before then.



-Jeremy (rubanek)

frieza 06-14-2012 03:58 PM

since you are using ssh, quick and dirty solution would be to install fuse-sshfs

# yum install fuse-sshfs
on the client machine then

# sshfs -o allow_other user@host:/folder /mountpoint
and you can mount an ssh connection as a drive, instead of having to worry about forwarding nfs ports

just a thought

jefro 06-14-2012 08:44 PM

Can the netapp do any sort of tunnel?

All times are GMT -5. The time now is 01:00 AM.