Student L8A3

In this activity, you will be learn how to set up an Network File Share (NFS) and a Windows File Share (SMB). You will also have an activity involving Secure File Transfer Protocol (SFTP). So let’s get started!

 

Creating an NFS file share (Windows 2012 R2):

  1. Launch Server Manager.
  2. On the top menu, click Manage.
  3. Click Add Roles and Features.
  4. On the “Before you begin screen”, click Next.
  5. On the Select installation type screen, ensure Role-based or feature-based installation is selected, and then click Next.
  6. On the Server selection screen, click Next.
  7. On the Select server roles screen, expand File and Storage Services, expand File and iSCSI Services, and then check the box next to Server for NFS.

server_roles_selection

  1. Click Next.
  2. If an Add features that are required for Server NFS dialog box appears, click Add Features.

server_additional_features

  1. On the Select feature screen, click Next.
  2. Confirm the installation details, and then click Install.

Now that you have NFS ready to go, you will need to:

  1. Launch File Explorer.
  2. Create a new directory for your NFS share.
  3. Right-click the directory and click Properties.
  4. Select the NFS Sharing tab.
  5. Under the NFS Sharing tab, click the Manage NFS Sharing… button
  6. Check the Share this folder check box.

server_share_folder

  1. Enter a name into the Share name text field. This will be used when a user connects to your NFS share.
  2. Click the Permissions button.
  3. Click Add and then enter the IP address or hostname of the client(s) you want to allow connections from. You may also give them different permissions.

server_add_ip_to_share

  1. Click OK.
  2. Click Apply and then OK.
  3. The NFS share is now set up and you can connect to it from other hosts

Creating an NFS file share (Linux):

  1. On the command line type: sudo apt-get install nfs-utils
    1. It may already be installed
  2. Once that is installed, using your favorite editor (vim, nano, emacs, etc.) open the file /etc/exports
  3. Add a line for each folder you wish to share. NOTE: If you share a folder, all subfolders will be shared as well.
    1. The line should look similar to this:
    2. Directory ip_address_or_FQDN(options)
      1. ex. /var/shared/ 10.2.3.45(ro) 10.2.3.32(rw)
        1. In that example the host 10.2.3.45 can mount my shared drive but they can read only (ro) while 10.2.3.32 can mount the shared drive but they can read and write (rw).
  4. Directory – this is the folder that you wish to share
  5. Ip_address_or_FQDN – You can list individual IP Addresses or and IP Address with a submask, or a number of things to select machines allowed to connect
  6. (options) – there are a number of different options you can set here, though the ones you will most likely use most often are “ro” or “rw” standing for “read only” and “read write” respectively.
  • You will need a new line like that for each directory you wish to share, but remember, all folders under that folder will be shared, so you will only need to share the parent directory if you want to share all sub-directories within it.
  • Save the file when you are done adding lines.
  • To make it take effect and start NFS, restart the machine.

Connecting to an NFS share:

  • Windows
    • Open a command prompt
    • Type: mount[–oOptions] \\ComputerName\ShareName {DeviceName | *}
      • Where {DeviceName | *} is the name of the drive on your computer where you want to mount the shared drive
      • Ex: mount \\networkComputer\sharedFolder S:
        • This will mount the folder “sharedFolder” from the networkComputer to the drive “S:”
      • Linux
        • On the command line type:
        • mount remote_server_name:/path/to/shared/folder/ /location/to/mount/on/local
          • Ex: mount 192.168.1.2:/home/john/shared/ /home/incoming/
          • After running the above command the shared folder would be mounted on my local machine at /home/incoming/

 

Creating a Windows File Share:

  1. Launch Server Manager.
  2. On the top menu, click Manage.
  3. Click Add Roles and Features.
  4. On the “Before you begin screen”, click Next.
  5. On the Select installation type screen, ensure Role-based or feature-based installation is selected, and then click Next.
  6. On the Server selection screen, click Next.
  7. On the Select server roles screen, make sure the box next to File and Storage Services is checked.
  8. Click Next.
  9. If an Add features that are required box appears, click on Add Features
  10. On the Select feature screen, click Next.
  11. Confirm the installation details, and then click Install.

Now that you have File Services ready to go, you will have to:

  1. Open Server Manager and navigate to File and Storage Services.
  2. Once there, go to Shares and, from the Tasks menu, choose the New Share option.
  3. Select SMB Share, you can choose the any of the profiles.
    1. Quick will set up an SMB share that you can configure more later, while Advanced will give you more advanced options to choose from while setting it up. (This tutorial will go through the Advanced setup)
  4. Next, click the bubble to Type a custom path and browse to the folder you wish to share.
  5. Next, name the share. NOTE: The share name does not have to be the same as the folder. Though in order to maintain compatibility with most other systems, it would be best to use a name without spaces
    1. Pay attention to the Remote Path to Share. As that will be the path that people will use to connect to your share.
  6. In the next step you have a few extra options you can add in based on your needs.
  7. Next you will set up permissions for the share.
  8. Next, you will set up folder management properties. It will have you set things such as the purpose of the folder and the folder owner’s email.
  9. Next, you will set up a quota for the share, if you would like to set one up. This includes setting size limits and setting up alerts when the share is nearing the quota.
  10. Finally, review your settings and click Create to create the share.

 

Connect to a Windows Share (Windows):

  1. Open My Computer
  2. Select Map a Network Drive
  3. Select a Drive Letter to map the share to
  4. Type in the address of the share you wish to connect to
  5. Select Connect using Different Credentials
  6. Click Finish and enter your credentials for the shared drive

You can now access the share at the drive letter you selected

 

Now that you know how to make and connect to a couple different types of file shares, we are going to look at using SFTP.

 

Setting up SFTP:

In order to set up SFTP on a Unix machine, you only need to have SSH working. SSH comes installed by default on most Unix distributions.

  1. Using your favorite text editor, open the file /etc/ssh/sshd_config and add the following lines

 

Match Group sftpusers

    ChrootDirectory /home/%u

    ForceCommand internal-sftp

 

The first line tells it that only users who are a part of the group “sftpusers” can access the machine through SSH. The second line “jails” the user to their home directory, meaning they can only access that directory and any sub-directories. This is optional and you can set the directory to whichever directory you wish. The third and final line that you add forces ssh to use its own sftp program.

 

  1. Save the file, exit the editor, and restart ssh by running the command sudo service ssh restart
  2. After doing this, you must add the group “sftpusers” and then add the users you want to have sftp access to that group.
    1. Create the group with the command groupadd sftpusers
    2. Add users with the command usermod -a -G sftpusers {username} replacing {username} with the username of the user you wish to add to the group
  3. After completing that, you should be able to use SFTP to connect to and transfer files to and from this computer, but only using the credentials of the users in the group “sftpusers”.

 

Connecting via SFTP:

From a Unix computer:

  1. From a Unix computer with SFTP type in the command: sftp {username_on_remote_computer}@{ip_address_of_remote_computer}
  2. It may say that the host is unknown if this is the first time you have connected to the computer. Accept the host connection.
  3. Enter the password for the user on the remote computer and, if entered correctly, you will be connected.

From a Windows computer:

  1. Download and use the program FileZilla.
  2. Enter the host, your username, password, and port 22 at the top of the window and click Quick Connect
  3. You should now be connected to your computer using SFTP.

 

Tasks to try using over SFTP (After attempting each of these tasks, it might be a good idea to check to make sure they completed successfully):

  1. Navigate directory
    1. Windows – Double click a folder in the remote computer file listing
    2. Unix – use the command cd {directory_name} just like you are navigating normally
  2. Download a file from remote computer
    1. Windows – In Filezilla, double click a file from the remote computer directory listing
    2. Unix – type the command get {file_name} where {file_name} is the path of a file on your remote system
  3. Upload a file to remote computer
    1. Windows – In Filezilla, double click a file from the local computer directory listing
    2. Unix – type the command put {file_name} where {file_name} is the path of a file on your local system
  4. Create a directory
    1. Windows – Right click in the remote system directory listing, and choose the New Folder option
    2. Unix – type the command mkdir {directory_name} where {directory_name} is the name of the directory you want to create