 |
 |
SSH tunneling AFP between Tiger and Leopard broken?
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
I have an old Tiger Mac storing some files. With Tiger I used to be able to open up an ssh tunnel to that Mac and forward AFP over it.
ssh -L 10548:TigerMac.somewhere.com:548 [email protected]
afp://localhost:10548
That worked like a charm and allowed me to use AFP as a perfectly secure way to do file management through a GUI.
But now if I try that same thing from a Leopard Mac it just doesn't work. After doing
afp://localhost:10548
in Leopard Finder it takes a while to time out and then Leopard Finder says The Finder cannot complete the operation because some data in "afp:localhost:10548" could not be read or written. (Error code -36).
But I know the Tiger Mac's AFP file sharing is working because locally a simple
afp://TigerMac.somewhere.com
works just fine.
I also know that port forwarding is working since if I use any other random port like
afp://localhost:19999
it immediately gives an error saying that the connection failed.
So why is this simple SSH tunnel for AFP not working like it should? Any ideas what's causing this trouble? What has Apple changed in the Leopard AFP client that could cause these issues?
|
|
•
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: May 2001
Status:
Offline
|
|
I noticed a similar problem when tunneling to a web proxy, I was able to fix it by replacing "localhost" with "127.0.0.1", not sure why, but it works now.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
Thanks for the tip. 
Unfortunately it didn't work. In Leopard Finder I tried to connect to
afp://127.0.0.1:10548
and I got the same behavior as I described above.
|
|
•
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Why not just use SSHfs and simply your setup here?
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
I want to use built in and stable tools like SSH and AFS. I don't feel like loading developmental kernel extensions and running extra daemons to do something as simple as this.
In addition I'm curious to find out why something that used to work extremely well suddenly doesn't. Simply switching to an another method doesn't do that.
|
|
•
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Can you get a response telnetting to that port on localhost? If so, my guess would be protocol level differences in AFS/AFP between the two OSes are causing this problem. I would troubleshoot by trying to troubleshoot whether you are experiencing a network related issue vs. a protocol level issue. If you cannot get a network response on that port, you need to focus your attention accordingly, at this point AFS/AFP becomes irrelevant.
The reason I suggested SSHfs was because you wouldn't have to run additional daemons since you're already utilizing SSH. Running a kernel extension is a downside, although the upside is that I've found SSHfs to be much faster. I haven't had a problem with its stability at all, FWIW...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
Originally Posted by besson3c 
Can you get a response telnetting to that port on localhost? If so, my guess would be protocol level differences in AFS/AFP between the two OSes are causing this problem.
Thanks for that idea!
At least I'm now certain I'm actually getting through to the Tiger Mac.
***:~ simon$ telnet localhost 10548
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
***:~ simon$
So why is AFP not answering like it should?
|
|
•
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
What network interface is your AFP server bound to? On the server, try a:
netstat -a | grep -i listen
and provide your output here?
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
***:~ simon$ netstat -a | grep -i listen
tcp46 0 0 *.http-alt *.* LISTEN
tcp4 0 0 localhost.45100 *.* LISTEN
tcp46 0 0 *.49219 *.* LISTEN
tcp46 0 0 *.50001 *.* LISTEN
tcp4 0 0 localhost.6880 *.* LISTEN
tcp4 0 0 *.afpovertcp *.* LISTEN
tcp46 0 0 *.afpovertcp *.* LISTEN
tcp4 0 0 *.5900 *.* LISTEN
tcp4 0 0 localhost.netinfo-loca *.* LISTEN
tcp4 0 0 *.ssh *.* LISTEN
tcp6 0 0 *.22 *.* LISTEN
5900 is the VNC server. 50001 is BT. I'm not sure about 6800 and 49219 though. 
|
|
•
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Mar 2001
Location: yes
Status:
Offline
|
|
Well, afpovertcp is bound to all interfaces, so you should be set. I have no idea what those two other ports are being used for either, they are not used for standard services. Maybe some application you have open? If you wanted to, you could run a tcpdump to figure out what traffic is being directed there.
At any rate, networking-wise your tunnel and service should be working just fine. You might want to research whether there were protocol level changes in AFP between OSes, it looks like your problem lies there.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status:
Offline
|
|
Originally Posted by besson3c
At any rate, networking-wise your tunnel and service should be working just fine. You might want to research whether there were protocol level changes in AFP between OSes, it looks like your problem lies there.
That was my guess as well. It appears the network is OK. I'm assuming Apple has changed AFP in Leopard compared to Tiger. I am hoping there is some kind of way of fixing this. Does anybody have any ideas what this error -36 is?
|
|
•
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top