.nsh 怎么样运行_如何在Ubuntu 18.04上使用nsh运行安全的远程命令

.nsh 怎么样运行

介绍 (Introduction)

It can often be difficult to manage multiple machines on a daily basis. While Secure Shell (SSH) is a good choice for remote access, the protocol itself has some drawbacks in both convenience and security.

每天通常很难管理多台计算机。 尽管Secure Shell(SSH)是远程访问的不错选择，但该协议本身在便利性和安全性方面都有一些缺点。

For instance, remote machines need to have a public IP address and a forwarded port in order to access them, which exposes them to the internet, or at least a larger network. This is especially concerning if you use a password for authentication instead of a public and private key pair. Furthermore, if you don’t know the remote machine’s public key in advance, you might be vulnerable to a “man-in-the-middle” attack. And many remote machines you want to access either don’t have public IP address, or they have a dynamic IP address you might not know.

例如，远程机器需要具有公共IP地址和转发端口才能访问它们，这会将它们公开给Internet或至少是更大的网络。 如果您使用密码而不是公用和专用密钥对进行身份验证，则尤其要注意这一点。 此外，如果您事先不知道远程计算机的公钥，则可能容易受到“ 中间人 ”攻击。 而且您要访问的许多远程计算机都没有公用IP地址，或者它们具有您可能不知道的动态IP地址。

In addition, SSH requires one connection per remote session. If a user needs to run a single command across hundreds or even thousands of machines, they must first establish a connection to each machine with a TCP handshake, which is less efficient.

此外，SSH要求每个远程会话一个连接。 如果用户需要在数百甚至数千台计算机上运行单个命令，则他们必须首先通过TCP握手建立与每台计算机的连接，这会降低效率。

NKN Shell, or nsh, is an alternative to SSH that provides a convenient and secure way to run remote commands. nsh takes advantage of NKN’s global public network which provides secure and decentralized data transmission. The architecture uses unique addresses that contain a public key used for both routing and end-to-end encryption without any public key infrastructure (PKI). The network also does not require the remote server to have a public IP address. The remote server only needs to have Internet access and be able to establish outbound HTTP and websocket connections. As a result, your remote machines are not exposed to the open Internet.

NKN Shell或nsh是SSH的替代方法，它提供了一种方便且安全的方式来运行远程命令。 nsh利用NKN的全球公共网络提供安全和分散的数据传输。 该体系结构使用唯一的地址，该地址包含用于路由和端到端加密的公共密钥，而没有任何公共密钥基础结构(PKI)。 网络也不需要远程服务器具有公共IP地址。 远程服务器只需要可以访问Internet并能够建立出站HTTP和Websocket连接。 因此，您的远程计算机不会暴露在开放的Internet中。

In this tutorial you will use the NKN shell daemon and the NKN Shell Client Xterm applications to execute commands on a remote machine. To do so, you will install and configure the NKN Shell daemon on a remote machine with internet access, generate a key pair, and make your connection from a client.

在本教程中，您将使用NKN Shell守护程序和NKN Shell Client Xterm应用程序在远程计算机上执行命令。 为此，您将在具有Internet访问权限的远程计算机上安装和配置NKN Shell守护程序，生成密钥对，并与客户端建立连接。

先决条件 (Prerequisites)

To follow this tutorial you will need the following:

要遵循本教程，您将需要以下内容：

• One Ubuntu 18.04 server set up by following