Share an USB HDD to somebody in the world
This article is going to be short but may be useful to some of you! Situation:
— a personal server at home running Debian 8 Jessie;
— an USB HDD formatted with NTFS and with lot of precious data;
— a person far away, with PC running Windows OS and behind an untouchable router.
Task: share contents of the USB HDD to the far away person as transparent as possible (it means FTP/SFTP are kicked off from the start). Here is my solution!
First, we need to install several packages to install (I am assuming you have already got root privileges):
apt-get install ntfs-3g samba
Before going further I need to explain why Samba and not NFS — the end user has Windows 8.1 non-Enterprise edition installed. Yeah, Microsoft moved NFS capabilities from Professional edition to the Enterprise one starting with Windows 8! Illegal upgrade is not a solution in my case, so I had to choose Samba aka Windows Share. Here rises another question — how to use Samba over Internet? Because I already have deployed OpenVPN I decided to use it. It’s simple, no need to make changes on my router and secure (everything is encrypted). About OpenVPN I will write an article ASAP!
Next step — connect the USB HDD to the server and mount it in the right way:
chown nobody:nogroup /mnt/usbhdd
chmod 770 /mnt/usbhdd
usermod -a -G nogroup x_user
mount -t ntfs-3g -o rw,uid=nobody,gid=nogroup,dmask=007,fmask=117 /dev/sdX /mnt/usbhdd
Some explanations here. We create a directory for which we change the owner to nobody — this is done because I couldn’t set up access to the Samba resources by login/pass mechanism, so I am using guest mode. Also we give full read, write and access rights to the owner and owner’s group. This becomes clear with the next command which includes our user, x_user (replace with yours!), to the owner’s group. It allows us to manipulate files without elevation to the root privileges. Last command mounts in read and write mode the sdX (replace X with corresponding letter and number!) partition to the desired directory. The options tells the system that the owner will be nobody from the nogroup group, all directories will have 770 rights and all files will be accessible by 660. In this way both guest Samba user and our own user will have full access to everything on the mounted partition.
Samba needs to be correspondingly configured:
nano /etc/samba/smb.conf #contents here: http://pastebin.com/ehG6Vg1H
In most cases you will need to change only one thing in the sample configuration I gave — path (point it to the newly created directory). Now we need to apply our configuration
service nmbd restart && service smbd restart
Now tell the end user to open Windows Explorer, type in the address bar \\x.x.x.x (replace x.x.x.x correspondingly to your OpenVPN configuration) and press Enter. Yep, everybody is happy! For the sake of automation this path can be mounted as a Network Drive on the Windows. But let this be your homework!