Edit

Linux to Windows

How to install NoPorts when connecting from Linux to Windows

Step 1 to Step 4

These initial steps set up the machine initiating the connection.

On the machine you are connecting from

In this installation guide, @example01_np will represent the client atSign, while @example02_np will represent the device atSign.

Step 1: Download and run the Installer

Download the installer from GitHub by running the following command:

curl -L https://github.com/atsign-foundation/noports/releases/latest/download/universal.sh -o universal.sh

To check if the installation downloaded correctly:

stat universal.sh

Make the script executable and run the script by running the command below:

chmod u+x universal.sh
./universal.sh

You may be asked to enter your password if your machine requires sudo privileges.

The install type

  • Enter client when prompted.

Your atSigns (Skip this step)

  • To skip this step, simply press the Enter/Return key twice. Your atSigns will be activated in the upcoming steps.

Step 2: Activate your client atSign (@example01_np)

If you've already activated your client atSign on another device, this step will not work. Instead, follow this guide: Reuse your client atSign on another machine

This command activates your atSign and prompts you to enter an OTP. This is only done during the setup of a brand new atSign.

Replace @<REPLACE>_np with your client atSign.

~/.local/bin/at_activate -a @<REPLACE>_np

Enter the one-time password (OTP) & Check your SPAM/PROMOTIONS folders

at_activate will pause and wait for the input of a one-time pin (OTP) sent to your email or phone number. Once activated, the master keys will save at ~/.atsign/keys.

Step 3: Activate your device atSign (@example02_np)

Run the same command, but for your device atSign.

Replace @<REPLACE>_np with your device atSign.

~/.local/bin/at_activate -a @<REPLACE>_np

Enter the one-time password (OTP) & Check your SPAM/PROMOTIONS folders

at_activate will pause and wait for the input of a one-time pin (OTP) sent to your email or phone number. Once activated, the master keys will save at ~/.atsign/keys.

Step 4: Generate an atSign authorization passcode for your device atSign

Run the following command to generate a 6-character one-time passcode. You will use this passcode in Step 6.

Replace @<REPLACE>_np with your device atSign.

~/.local/bin/at_activate otp -a @<REPLACE>_np

Step 5 to Step 7

After setting up the machine you're connecting from, you'll configure the machine you're connecting to.

On the machine you are connecting to

Step 5: Download and run the Installer

Download the msi installer from GitHub. You can run the msi right from the windows-bundle.zip.

Ensure both Core Tools & Daemon Service are being installed.

Step 6: Initiate device atSign authorization request

Run the following command to make an authorization request.

Be sure to replace the following values:

@<REPLACE>_np with your device atSign,

<PASSCODE> with the passcode generated in Step 4,

<USER> with your Windows username,

@<REPLACE>_np_key with your device atSign,

<DEVICE_NAME> with the name of the machine you are on

at_activate.exe enroll -a "@<REPLACE>_np" `
  -s <PASSCODE> `
  -p noports `
  -k C:\Users\<USER>\.atsign\keys\@<REPLACE>_np_key.atKeys `
  -d <DEVICE_NAME> `
  -n "sshnp:rw,sshrvd:rw"

Once you see this text, you're ready to continue to the next step.

Submitting enrollment request 
Enrollment ID: ---------------------
Waiting for approval; will check every 10 seconds

If you encounter a handshake exception, it usually means your root certificates are outdated. To refresh them, run the following command with administrator privileges:Install-Script -Name UpdateRootCertificates

Step 7: Setup Service Config on Device

The service config lives in C:\Program Data\NoPorts\sshnpd.yaml, you can open it in notepad with this command:

Make sure you run notepad/terminal as administrator or else you won't be able to save your changes!

notepad C:\ProgramData\NoPorts\sshnpd.yaml

Ensure you provide the following fields to your service config:

  • atsign

    • atsign: example02_np

    • atsign: '@example02_np'

  • keys (windows path)

    • keys: C:\Users\alice\.atsign\keys\@example02_np_key.atKeys

  • manager

    • manager: example01_np

    • manager: '@example01_np'

Examples on how to fill in the fields are inside the config file.

Step 8 and Step 9

With both machines now configured, the final steps bring us back to the machine initiating the connection.

On the machine you are connecting from

Step 8: Approve the atSign authorization request

Run the following command:

Be sure to replace the following values:

@<REPLACE>_np with your device atSign,

@<REPLACE_NAME> with the device name from Step 5.

~/.local/bin/at_activate approve -a @<REPLACE>_np --arx NoPorts --drx <DEVICE_NAME>

Step 9: Use NoPorts!

That's it. You can start using NoPorts or explore some of the documented use cases, including MCP, SSH, RDP, SFTP, Web Server, and SMB.

Last updated