LogoLogo
  • Home
  • Installation
    • Quick Start for MacOS and Windows
    • MacOS Installation Guides
      • MacOS Desktop Client Installation
      • MacOS CLI Client Installation
      • MacOS Device Installation
    • Linux Installation Guide
      • Linux Cli Client Installation
      • Linux Device Installation
    • Windows Installation Guide
      • Windows Desktop Client Installation
      • Windows CLI Client Installation
      • Windows Device Installation
    • Manual Installation Guides
      • Device installation
        • Tmux session
        • Standalone Binaries
        • Systemd Unit
        • Headless
      • Device Upgrade
      • Installs at scale
      • Client installation
      • Client Upgrade
    • OpenWrt Installation Guide
    • Custom OS/Device Installs
      • IPFire
    • Cloud Installation Guides
      • Automated Installation on Amazon Web Services (AWS)
      • Automated Installation on Google Cloud Platform (GCP)
      • Automated Installation on Microsoft Azure
      • Automated Installation on Oracle Cloud Infrastructure (OCI)
    • Available Releases
  • Installation FAQ
    • How to activate an atSign
    • Reuse your client atSign on another machine
      • Generate a new set of cryptographic keys
    • How to name a device
    • How to generate SSH keys
    • Why activate the device atSign on the client?
  • Usage
    • npt Usage
      • Additional Configuration
    • sshnp Usage
      • Client Additional Configuration
    • sshnpd configuration
      • Daemon Additional Configuration
  • Integrations
    • OpenSSH config
    • PuTTY config
  • Use Cases
    • SSH
    • SFTP
    • RDP
    • Web Server
    • SMB
    • Be your own VPN
  • Product Information
    • NoPorts Policy Service
    • FAQ
    • How It Works
    • Under The Hood
    • Sequence Diagram
  • Related Pages
    • Main Site
    • GitHub
Powered by GitBook
On this page
  • 1. Run the installer
  • 2. Configure the startup script
  • 3. Activate your device address
  • 3.a. First time activating your address
  • Enter the One Time Password (OTP) & Check your SPAM folder!
  • 3.b. Activated this address before
  • 4. Start the service
  • Observing the service
  • 5. All done!
Edit on GitHub
Export as PDF
  1. Installation
  2. Manual Installation Guides
  3. Device installation

Tmux session

Follow these four steps to run the NoPorts daemon within a tmux session

PreviousDevice installationNextStandalone Binaries

Last updated 11 months ago

1. Run the installer

  1. First, ensure tmux is installed on your machine:

[[ -n $(command -v tmux) ]] && echo 'Good to go!' || echo 'Uh oh! Install tmux before continuing...'

If tmux is not available, a quick web search of Install tmux for <your distro> should help you easily install it. Most distros include the tmux package in their repository.

  1. Change directories into the unpacked download:

cd sshnp
  1. Then run the installer:

./install.sh tmux sshnpd

This will install the binaries to ~/.local/bin. Instead, if you'd like to install the binaries to /usr/local/bin, run the installer as root:

sudo ./install.sh tmux sshnpd
  1. First, ensure tmux is installed on your machine:

[[ -n $(command -v tmux) ]] && echo 'Good to go!' || echo 'Uh oh! Install tmux before continuing...'

If tmux is not available, the recommended way to install tmux on macOS is with .

[[ -n $(command -v brew) ]] && brew install tmux || echo 'brew not installed, first install brew at https://brew.sh, then run this command again.'
  1. Change directories into the unpacked download:

cd sshnp
  1. Then run the installer:

./install.sh tmux sshnpd

This will install the binaries to ~/.local/bin. Instead, if you'd like to install the binaries to /usr/local/bin, run the installer as root:

sudo ./install.sh tmux sshnpd

2. Configure the startup script

After installing the startup script, we must configure it, with nano or vi depending on your preference.

nano ~/.local/bin/sshnpd.sh

or

vi ~/.local/bin/sshnpd.sh

You'll then be greeted with a file that looks like this:

Replace $user with the running sshnpd

Replace $device_atsign with the

Replace $manager_atsign with the

Replace $device_name with your own for this device. You will need this value later, so don't forget it.

$device_name must be alphanumeric snake case, max length 30 - e.g. dev_abc1

Add any additional config to the end of the line where sshnpd is run, some useful flags you should consider adding:

  • -u : "unhide" the device, sharing the username and making it discoverable by sshnp --list-devices

  • -s : "ssh-public-key", allow ssh public keys to be shared by sshnp and automatically authorized by sshd, saves you from dealing with ssh public key management. If multiple people use the device, we recommend leaving this off and managing ssh public keys yourself.

  • To see the rest of the available options run sshnpd to see the usage.

3. Activate your device address

3.a. First time activating your address

We will now activate the device address, you only need to activate the device address now. The client address will be activated later during the client installation.

Now that you have at_activate installed, you can invoke the command with the name of the address you would like to activate:

./at_activate -a @my_noports_device

Now that you have at_activate installed, you can invoke the command with the name of the address you would like to activate:

./at_activate -a @my_noports_device

Enter the One Time Password (OTP) & Check your SPAM folder!

The application will pause and wait for the input of a one time pin (OTP) before you can continue. You should receive this pin to the contact information associated with the registration of your noports address (i.e. email or text message). ***If you are using a gmail.com account we have seen that sometimes the OTP gets stuck in the SPAM or PROMOTIONS folder. If you do not see the OTP check those folders.

Once you receive the message, enter the pin into the application and press enter to continue. The application should proceed to create the cryptographic keys and store them at .

An address can only be activated once, to install this address to future devices, you must copy this file to the device (see 3.b.).

3.b. Activated this address before

If you have activated the device address before, you must copy the address from another machine where it's been activated.

The address will be located at . Copy this file from your other machine to the same location on the machine that you are installing sshnpd on.

4. Start the service

The tmux service will automatically be started by the cron @reboot directive when your machine restarts. If you would like to start it immediately, note that you must make sure to disown the tmux process so that it doesn't hangup when you logout.

Run the following command to start it immediately:

nohup &>/dev/null tmux new-session -d -s sshnpd && tmux send-keys -t sshnpd $HOME/.local/bin/sshnpd.sh C-m

Observing the service

You can use regular tmux commands to observe the service:

tmux a -t sshnpd

To detach from the tmux session use the keybind Ctrl + B, D. This will safely detach from the tmux session without killing it.

5. All done!

If you don't own a pair of noports addresses, please visit before continuing.

Your tmux session is ready to go, you can now proceed to , or if you've already done that, checkout our .

homebrew
the registrar
installing your client
usage guide
https://github.com/atsign-foundation/noports/blob/trunk/packages/dart/sshnoports/bundles/shell/headless/sshnpd.sh
#!/bin/sh
# disable "var is referenced but not assigned" warning for template
# shellcheck disable=SC2154
# SCRIPT METADATA
binary_path="$HOME/.local/bin"
manager_atsign="@example_client" # MANDATORY: Manager/client address/Comma separated addresses (atSign/s)
device_atsign="@example_device"  # MANDATORY: Device address (atSign)
device_name="default"            # Device name
user="$(whoami)"                 # MANDATORY: Username
v="-v"                           # Comment to disable verbose logging
s="-s"                           # Comment to disable sending public keys
u="-u"                           # Comment to disable sending user information
delegate_policy=""
# END METADATA

sleep 10 # allow machine to bring up network
export USER="$user"
while true; do
	# The line below runs the sshnpd service, with the options set above.
	# You can edit this line to further customize the service to your needs.
	"$binary_path"/sshnpd -a "$device_atsign" -m "$manager_atsign" -d "$device_name" "$delegate_policy" "$s" "$u" "$v"
	sleep 10
done