.nsh 怎么样运行
介绍 (Introduction)
It can often be difficult to manage multiple machines on a daily basis. While Secure Shell (SSH) is a good choice for remote access, the protocol itself has some drawbacks in both convenience and security.
每天通常很难管理多台计算机。 尽管Secure Shell(SSH)是远程访问的不错选择,但该协议本身在便利性和安全性方面都有一些缺点。
For instance, remote machines need to have a public IP address and a forwarded port in order to access them, which exposes them to the internet, or at least a larger network. This is especially concerning if you use a password for authentication instead of a public and private key pair. Furthermore, if you don’t know the remote machine’s public key in advance, you might be vulnerable to a “man-in-the-middle” attack. And many remote machines you want to access either don’t have public IP address, or they have a dynamic IP address you might not know.
例如,远程机器需要具有公共IP地址和转发端口才能访问它们,这会将它们公开给Internet或至少是更大的网络。 如果您使用密码而不是公用和专用密钥对进行身份验证,则尤其要注意这一点。 此外,如果您事先不知道远程计算机的公钥,则可能容易受到“ 中间人 ”攻击。 而且您要访问的许多远程计算机都没有公用IP地址,或者它们具有您可能不知道的动态IP地址。
In addition, SSH requires one connection per remote session. If a user needs to run a single command across hundreds or even thousands of machines, they must first establish a connection to each machine with a TCP handshake, which is less efficient.
此外,SSH要求每个远程会话一个连接。 如果用户需要在数百甚至数千台计算机上运行单个命令,则他们必须首先通过TCP握手建立与每台计算机的连接,这会降低效率。
NKN Shell, or nsh, is an alternative to SSH that provides a convenient and secure way to run remote commands. nsh takes advantage of NKN’s global public network which provides secure and decentralized data transmission. The architecture uses unique addresses that contain a public key used for both routing and end-to-end encryption without any public key infrastructure (PKI). The network also does not require the remote server to have a public IP address. The remote server only needs to have Internet access and be able to establish outbound HTTP and websocket connections. As a result, your remote machines are not exposed to the open Internet.
NKN Shell或nsh是SSH的替代方法,它提供了一种方便且安全的方式来运行远程命令。 nsh利用NKN的全球公共网络提供安全和分散的数据传输。 该体系结构使用唯一的地址,该地址包含用于路由和端到端加密的公共密钥,而没有任何公共密钥基础结构(PKI)。 网络也不需要远程服务器具有公共IP地址。 远程服务器只需要可以访问Internet并能够建立出站HTTP和Websocket连接。 因此,您的远程计算机不会暴露在开放的Internet中。
In this tutorial you will use the NKN shell daemon and the NKN Shell Client Xterm applications to execute commands on a remote machine. To do so, you will install and configure the NKN Shell daemon on a remote machine with internet access, generate a key pair, and make your connection from a client.
在本教程中,您将使用NKN Shell守护程序和NKN Shell Client Xterm应用程序在远程计算机上执行命令。 为此,您将在具有Internet访问权限的远程计算机上安装和配置NKN Shell守护程序,生成密钥对,并与客户端建立连接。
先决条件 (Prerequisites)
To follow this tutorial you will need the following:
要遵循本教程,您将需要以下内容:
One Ubuntu 18.04 server set up by following