From 6315a313f5e7d2db0d436fb66ab587a15eaaa3f9 Mon Sep 17 00:00:00 2001 
From: xavierchanth Date: Fri, 30 Jun 2023 18:34:13 -0400 Subject: [PATCH 1/5] refactor: move sshnoports to packages folder --- .startup.sh => packages/sshnoports/.startup.sh | 0 Dockerfile => packages/sshnoports/Dockerfile | 0 Dockerfile.package => packages/sshnoports/Dockerfile.package | 0 .../sshnoports/analysis_options.yaml | 0 {bin => packages/sshnoports/bin}/activate_cli.dart | 0 {bin => packages/sshnoports/bin}/sshnp.dart | 0 {bin => packages/sshnoports/bin}/sshnpd.dart | 0 {bin => packages/sshnoports/bin}/sshrv.dart | 0 {bin => packages/sshnoports/bin}/sshrvd.dart | 0 {lib => packages/sshnoports/lib}/cleanup_sshnp.dart | 0 {lib => packages/sshnoports/lib}/service_factories.dart | 0 {lib => packages/sshnoports/lib}/sshnp.dart | 0 {lib => packages/sshnoports/lib}/sshnp_utils.dart | 0 {lib => packages/sshnoports/lib}/sync_listener.dart | 0 {lib => packages/sshnoports/lib}/version.dart | 0 pubspec.yaml => packages/sshnoports/pubspec.yaml | 0 {templates => packages/sshnoports/templates}/client/sshnp-full.sh | 0 .../sshnoports/templates}/client/sshnp-simple.sh | 0 {templates => packages/sshnoports/templates}/headless/sshnpd.sh | 0 {templates => packages/sshnoports/templates}/headless/sshrvd.sh | 0 {templates => packages/sshnoports/templates}/systemd/README.md | 0 .../templates}/systemd/etc/systemd/system/sshnpd.service | 0 {templates => packages/sshnoports/templates}/tmux/tmux-sshnpd.sh | 0 {templates => packages/sshnoports/templates}/tmux/tmux-sshrvd.sh | 0 {test => packages/sshnoports/test}/sshnp_test.dart | 0 25 files changed, 0 insertions(+), 0 deletions(-) rename .startup.sh => packages/sshnoports/.startup.sh (100%) rename Dockerfile => packages/sshnoports/Dockerfile (100%) rename Dockerfile.package => packages/sshnoports/Dockerfile.package (100%) rename analysis_options.yaml => packages/sshnoports/analysis_options.yaml (100%) rename {bin => packages/sshnoports/bin}/activate_cli.dart (100%) rename {bin => packages/sshnoports/bin}/sshnp.dart (100%) rename {bin 
=> packages/sshnoports/bin}/sshnpd.dart (100%) rename {bin => packages/sshnoports/bin}/sshrv.dart (100%) rename {bin => packages/sshnoports/bin}/sshrvd.dart (100%) rename {lib => packages/sshnoports/lib}/cleanup_sshnp.dart (100%) rename {lib => packages/sshnoports/lib}/service_factories.dart (100%) rename {lib => packages/sshnoports/lib}/sshnp.dart (100%) rename {lib => packages/sshnoports/lib}/sshnp_utils.dart (100%) rename {lib => packages/sshnoports/lib}/sync_listener.dart (100%) rename {lib => packages/sshnoports/lib}/version.dart (100%) rename pubspec.yaml => packages/sshnoports/pubspec.yaml (100%) rename {templates => packages/sshnoports/templates}/client/sshnp-full.sh (100%) rename {templates => packages/sshnoports/templates}/client/sshnp-simple.sh (100%) rename {templates => packages/sshnoports/templates}/headless/sshnpd.sh (100%) rename {templates => packages/sshnoports/templates}/headless/sshrvd.sh (100%) rename {templates => packages/sshnoports/templates}/systemd/README.md (100%) rename {templates => packages/sshnoports/templates}/systemd/etc/systemd/system/sshnpd.service (100%) rename {templates => packages/sshnoports/templates}/tmux/tmux-sshnpd.sh (100%) rename {templates => packages/sshnoports/templates}/tmux/tmux-sshrvd.sh (100%) rename {test => packages/sshnoports/test}/sshnp_test.dart (100%) diff --git a/.startup.sh b/packages/sshnoports/.startup.sh similarity index 100% rename from .startup.sh rename to packages/sshnoports/.startup.sh diff --git a/Dockerfile b/packages/sshnoports/Dockerfile similarity index 100% rename from Dockerfile rename to packages/sshnoports/Dockerfile diff --git a/Dockerfile.package b/packages/sshnoports/Dockerfile.package similarity index 100% rename from Dockerfile.package rename to packages/sshnoports/Dockerfile.package diff --git a/analysis_options.yaml b/packages/sshnoports/analysis_options.yaml similarity index 100% rename from analysis_options.yaml rename to packages/sshnoports/analysis_options.yaml 
diff --git a/bin/activate_cli.dart b/packages/sshnoports/bin/activate_cli.dart similarity index 100% rename from bin/activate_cli.dart rename to packages/sshnoports/bin/activate_cli.dart diff --git a/bin/sshnp.dart b/packages/sshnoports/bin/sshnp.dart similarity index 100% rename from bin/sshnp.dart rename to packages/sshnoports/bin/sshnp.dart diff --git a/bin/sshnpd.dart b/packages/sshnoports/bin/sshnpd.dart similarity index 100% rename from bin/sshnpd.dart rename to packages/sshnoports/bin/sshnpd.dart diff --git a/bin/sshrv.dart b/packages/sshnoports/bin/sshrv.dart similarity index 100% rename from bin/sshrv.dart rename to packages/sshnoports/bin/sshrv.dart diff --git a/bin/sshrvd.dart b/packages/sshnoports/bin/sshrvd.dart similarity index 100% rename from bin/sshrvd.dart rename to packages/sshnoports/bin/sshrvd.dart diff --git a/lib/cleanup_sshnp.dart b/packages/sshnoports/lib/cleanup_sshnp.dart similarity index 100% rename from lib/cleanup_sshnp.dart rename to packages/sshnoports/lib/cleanup_sshnp.dart diff --git a/lib/service_factories.dart b/packages/sshnoports/lib/service_factories.dart similarity index 100% rename from lib/service_factories.dart rename to packages/sshnoports/lib/service_factories.dart diff --git a/lib/sshnp.dart b/packages/sshnoports/lib/sshnp.dart similarity index 100% rename from lib/sshnp.dart rename to packages/sshnoports/lib/sshnp.dart diff --git a/lib/sshnp_utils.dart b/packages/sshnoports/lib/sshnp_utils.dart similarity index 100% rename from lib/sshnp_utils.dart rename to packages/sshnoports/lib/sshnp_utils.dart diff --git a/lib/sync_listener.dart b/packages/sshnoports/lib/sync_listener.dart similarity index 100% rename from lib/sync_listener.dart rename to packages/sshnoports/lib/sync_listener.dart diff --git a/lib/version.dart b/packages/sshnoports/lib/version.dart similarity index 100% rename from lib/version.dart rename to packages/sshnoports/lib/version.dart 
diff --git a/pubspec.yaml b/packages/sshnoports/pubspec.yaml similarity index 100% rename from pubspec.yaml rename to packages/sshnoports/pubspec.yaml diff --git a/templates/client/sshnp-full.sh b/packages/sshnoports/templates/client/sshnp-full.sh similarity index 100% rename from templates/client/sshnp-full.sh rename to packages/sshnoports/templates/client/sshnp-full.sh diff --git a/templates/client/sshnp-simple.sh b/packages/sshnoports/templates/client/sshnp-simple.sh similarity index 100% rename from templates/client/sshnp-simple.sh rename to packages/sshnoports/templates/client/sshnp-simple.sh diff --git a/templates/headless/sshnpd.sh b/packages/sshnoports/templates/headless/sshnpd.sh similarity index 100% rename from templates/headless/sshnpd.sh rename to packages/sshnoports/templates/headless/sshnpd.sh diff --git a/templates/headless/sshrvd.sh b/packages/sshnoports/templates/headless/sshrvd.sh similarity index 100% rename from templates/headless/sshrvd.sh rename to packages/sshnoports/templates/headless/sshrvd.sh diff --git a/templates/systemd/README.md b/packages/sshnoports/templates/systemd/README.md similarity index 100% rename from templates/systemd/README.md rename to packages/sshnoports/templates/systemd/README.md diff --git a/templates/systemd/etc/systemd/system/sshnpd.service b/packages/sshnoports/templates/systemd/etc/systemd/system/sshnpd.service similarity index 100% rename from templates/systemd/etc/systemd/system/sshnpd.service rename to packages/sshnoports/templates/systemd/etc/systemd/system/sshnpd.service diff --git a/templates/tmux/tmux-sshnpd.sh b/packages/sshnoports/templates/tmux/tmux-sshnpd.sh similarity index 100% rename from templates/tmux/tmux-sshnpd.sh rename to packages/sshnoports/templates/tmux/tmux-sshnpd.sh diff --git a/templates/tmux/tmux-sshrvd.sh b/packages/sshnoports/templates/tmux/tmux-sshrvd.sh similarity index 100% rename from templates/tmux/tmux-sshrvd.sh rename to packages/sshnoports/templates/tmux/tmux-sshrvd.sh 
diff --git a/test/sshnp_test.dart b/packages/sshnoports/test/sshnp_test.dart similarity index 100% rename from test/sshnp_test.dart rename to packages/sshnoports/test/sshnp_test.dart From 920e33fd5294344418197685e39dbd99ce74d6a8 Mon Sep 17 00:00:00 2001 From: xavierchanth Date: Fri, 30 Jun 2023 18:34:30 -0400 Subject: [PATCH 2/5] chore: Update package-macos-arm64 script --- package-macos-arm64.sh | 36 -------------------------------- tools/package-macos-arm64.sh | 40 ++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 36 deletions(-) delete mode 100755 package-macos-arm64.sh create mode 100755 tools/package-macos-arm64.sh diff --git a/package-macos-arm64.sh b/package-macos-arm64.sh deleted file mode 100755 index 5135f134c..000000000 --- a/package-macos-arm64.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -if [ "$(uname)" != "Darwin" ]; then - echo "This script is only for macOS"; - exit 1; -fi - -if [ "$(uname -m)" != "arm64" ]; then - echo "This script is only for Apple Silicon"; - exit 1; -fi - -if [ -n "$FLUTTER_ROOT" ]; then - DART="$FLUTTER_ROOT/bin/dart" -else - DART=$(which dart) -fi - -eval "$DART pub upgrade" - -OUTPUT_DIR_PATH="build/macos-arm64" -OUTPUT_DIR="$OUTPUT_DIR_PATH/sshnp" - -rm -r "$OUTPUT_DIR" build/sshnp-macos-arm64.tgz -mkdir -p "$OUTPUT_DIR" - -eval "$DART compile exe -o $OUTPUT_DIR/sshnpd bin/sshnpd.dart" -eval "$DART compile exe -o $OUTPUT_DIR/sshnp bin/sshnp.dart" -eval "$DART compile exe -o $OUTPUT_DIR/sshrvd bin/sshrvd.dart" -eval "$DART compile exe -o $OUTPUT_DIR/sshrv bin/sshrv.dart" -eval "$DART compile exe -o $OUTPUT_DIR/at_activate bin/activate_cli.dart" - -cp -r templates $OUTPUT_DIR/templates; -cp scripts/* "$OUTPUT_DIR/"; - -tar czf build/sshnp-macos-arm64.tgz -C "$OUTPUT_DIR_PATH" sshnp diff --git a/tools/package-macos-arm64.sh b/tools/package-macos-arm64.sh new file mode 100755 index 000000000..2110ea6a9 --- /dev/null +++ b/tools/package-macos-arm64.sh 
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+FULL_PATH_TO_SCRIPT="$(realpath "${BASH_SOURCE[-1]}")"
+SCRIPT_DIRECTORY="$(dirname "$FULL_PATH_TO_SCRIPT")"
+SRC_DIR="$SCRIPT_DIRECTORY/../packages/sshnoports"
+
+if [ "$(uname)" != "Darwin" ]; then
+ echo "This script is only for macOS";
+ exit 1;
+fi
+
+if [ "$(uname -m)" != "arm64" ]; then
+ echo "This script is only for Apple Silicon";
+ exit 1;
+fi
+
+if [ -n "$FLUTTER_ROOT" ]; then
+ DART="$FLUTTER_ROOT/bin/dart"
+else
+ DART=$(which dart)
+fi
+
+eval "$DART pub upgrade -C $SRC_DIR"
+
+OUTPUT_DIR_PATH="$SCRIPT_DIRECTORY/../build/macos-arm64"
+OUTPUT_DIR="$OUTPUT_DIR_PATH/sshnp"
+
+rm -r "$OUTPUT_DIR" build/sshnp-macos-arm64.tgz
+mkdir -p "$OUTPUT_DIR"
+
+eval "$DART compile exe -o $OUTPUT_DIR/sshnpd $SRC_DIR/bin/sshnpd.dart"
+eval "$DART compile exe -o $OUTPUT_DIR/sshnp $SRC_DIR/bin/sshnp.dart"
+eval "$DART compile exe -o $OUTPUT_DIR/sshrvd $SRC_DIR/bin/sshrvd.dart"
+eval "$DART compile exe -o $OUTPUT_DIR/sshrv $SRC_DIR/bin/sshrv.dart"
+eval "$DART compile exe -o $OUTPUT_DIR/at_activate $SRC_DIR/bin/activate_cli.dart"
+
+cp -r "$SRC_DIR/templates" "$OUTPUT_DIR/templates";
+cp "$SCRIPT_DIRECTORY/../scripts/*" "$OUTPUT_DIR/";
+
+tar czf build/sshnp-macos-arm64.tgz -C "$OUTPUT_DIR_PATH" sshnp
From af61fd563cf6f81a87541252eb31275e2c06c42e Mon Sep 17 00:00:00 2001
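Review bot: The script sets no `set -e`, so a failing `dart pub upgrade` or any of the five `dart compile exe` lines does not stop it, and the `tar czf` at the end still packages whatever happens to be in `$OUTPUT_DIR` — a release tarball with missing or stale binaries, and exit status 0. The `eval "$DART compile exe -o $OUTPUT_DIR/… $SRC_DIR/…"` lines also re-split `$OUTPUT_DIR` and `$SRC_DIR` on whitespace; now that both derive from `realpath` of wherever the repo is checked out, a path containing a space breaks the build, and `eval` buys nothing since `$DART` is a single executable path. Suggest `set -euo pipefail` after the shebang, `rm -rf --` so the first run does not trip `-e` on a not-yet-existing build directory, and direct quoted invocations in place of the evals, as below. For a packaging script you may also want `pub get` instead of `pub upgrade` so a committed lockfile, if the package has one, pins the dependency set that ships — not verifiable from this hunk.
```shell
#!/bin/bash
set -euo pipefail
# … unchanged: FULL_PATH_TO_SCRIPT / SRC_DIR setup, macOS and arm64 checks, DART selection …
"$DART" pub upgrade -C "$SRC_DIR"
# … unchanged: OUTPUT_DIR_PATH / OUTPUT_DIR …
rm -rf -- "$OUTPUT_DIR" build/sshnp-macos-arm64.tgz
mkdir -p "$OUTPUT_DIR"
for bin in sshnpd sshnp sshrvd sshrv; do
  "$DART" compile exe -o "$OUTPUT_DIR/$bin" "$SRC_DIR/bin/$bin.dart"
done
"$DART" compile exe -o "$OUTPUT_DIR/at_activate" "$SRC_DIR/bin/activate_cli.dart"
# … unchanged: cp templates / scripts and tar …
```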
From: xavierchanth Date: Fri, 30 Jun 2023 18:45:37 -0400 Subject: [PATCH 3/5] chore: move scripts, update workflows and docs --- .github/workflows/dockerhub_sshnpd.yml | 3 + .github/workflows/multibuild.yaml | 8 +- README.md | 180 +----------------- packages/sshnoports/LICENSE | 29 +++ packages/sshnoports/README.md | 180 ++++++++++++++++++ .../sshnoports/scripts}/install_sshnp | 0 .../sshnoports/scripts}/install_sshnpd | 0 7 files changed, 223 insertions(+), 177 deletions(-) create mode 100644 packages/sshnoports/LICENSE create mode 100644 packages/sshnoports/README.md rename {scripts => packages/sshnoports/scripts}/install_sshnp (100%) rename {scripts => packages/sshnoports/scripts}/install_sshnpd (100%) diff --git a/.github/workflows/dockerhub_sshnpd.yml b/.github/workflows/dockerhub_sshnpd.yml index ed0414af3..7b31409eb 100644 --- a/.github/workflows/dockerhub_sshnpd.yml +++ b/.github/workflows/dockerhub_sshnpd.yml @@ -12,6 +12,9 @@ permissions: # added using https://github.com/step-security/secure-workflows jobs: docker: runs-on: ubuntu-latest + defaults: + run: + working-directory: ./packages/sshnoports steps: - name: Checkout diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml index 48eaebe2e..2bfa601cd 100644 --- a/.github/workflows/multibuild.yaml +++ b/.github/workflows/multibuild.yaml @@ -9,7 +9,9 @@ permissions: # added using https://github.com/step-security/secure-repo jobs: x64_build: runs-on: ${{ matrix.os }} - + defaults: + run: + working-directory: ./packages/sshnoports strategy: matrix: os: [ubuntu-latest, macOS-latest] @@ -40,7 +42,9 @@ jobs: other_build: runs-on: ubuntu-latest - + defaults: + run: + working-directory: ./packages/sshnoports steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 diff --git a/README.md b/README.md index 842f570f7..850a7aec5 100644 --- a/README.md +++ b/README.md 
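Review bot: `defaults.run.working-directory: ./packages/sshnoports` only changes where `run:` shell steps execute; it has no effect on `uses:` steps, and the Dockerfile this series moves into packages/sshnoports is consumed by an action, not by a shell step. If the docker job builds with docker/build-push-action (the build step is outside the hunk, so this is inferred from the workflow name), its `context:`/`file:` inputs still resolve from the workspace root and will no longer find the Dockerfile; set them explicitly, e.g. `context: ./packages/sshnoports` and `file: ./packages/sshnoports/Dockerfile`. A short comment next to the new default, `# only affects run: steps; action inputs need explicit paths`, would stop the next reader from assuming it covers the build.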
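Review bot: In the `other_build` hunk the only visible steps are `uses:` actions (checkout, setup-qemu), which ignore the `defaults.run.working-directory` being added, so the default does nothing for them. Any path-taking action inputs later in `x64_build` or `other_build` — an artifact upload `path:` or a Docker build `context:` — sit outside the hunks and still resolve from the workspace root; check they were repointed to `./packages/sshnoports`, otherwise the compile steps run in the package directory while the packaging/upload steps look in the old location. Both jobs' remaining steps are outside the hunks.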
@@ -1,180 +1,10 @@ -The atPlatform logo + [![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE) [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports/badge)](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports) -# SSH! No ports - -ssh no ports provides a way to ssh to a remote linux host/device without that -device or the client having any open ports (not even 22) on external interfaces. All -network connectivity is out bound and there is no need to know the IP -address the device has been given. As long as the device and client has an IP address (public or private 1918), -DNS and Internet access, you will be able to connect to it. - -## Quick demo -![sshnp](https://github.com/atsign-foundation/sshnoports/assets/6131216/4ff005f1-230e-4621-9b33-f834caa9a1d1) - - -There are five binaries:- - -`at_activate` : Command line tool to "cut" your atSigns cryptographic keys and place them in ~/.atsign/keys with .atKeys extension - -`sshnpd` : The daemon that runs on the remote device - -`sshnp` : The client that sets up a connection to the device which you -can then ssh to via your localhost interface - -`sshrvd` : This daemon acts as a rendezvous service and provides Internet routable IP/Ports for sshnpd and sshrv to connect to - -`sshrv` : This client is called by sshnp to connect the local sshd to the rendezvous point - -To get going you just need two (or three if you want to use your own sshrvd service) atSigns and their .atKeys files and the -binaries (from the -[latest release](https://github.com/atsign-foundation/sshnoports/releases)). -Once you have the atSigns (free or paid atSigns from [atsign.com](https://atsign.com)), drop the binaries in place -on each machine and put the keys in `~/.atsign/keys` directory. You will need -a device atSign and a manager atSign, but each device can also have a unique -device name using the --device argument. 
- -Once in place you can start up the daemon first on the remote device. -Remember to start the daemon on start up using rc.local script or similar, examples can be found in the scripts directory in this repo and in the release tar files. -The daemon machine has to be running sshd even if only listening on localhost on an open port. - -`sshnpd.sh` : bash script -`tmux-sshnpd.sh` : bash script that uses `tmux` to provide realtime logging/view of the running daemon - -``` -./sshnpd --atsign <@your_devices_atsign> --manager <@your_manager_atsign> \ ---device -u -s -``` - -Once that has started up you can run the client code from another machine. The client machine has to be running sshd even if only listening on localhost on an open port. - -``` -./sshnp --from <@your_manager_atsign> --to <@your_devices_atsign> \ ---host --device -s <> -``` - -The --host specifies the atSign of the sshrvd or the DNS name of the openssh server of the client machine that the remote device can connect to. If everything goes to plan the client -will complete and tell you how to connect to the remote host for example. - -Example command would be:- -``` -./sshnp -f @cconstab -t @ssh_1 -d orac -h @stream -s id_ed25519.pub -``` -Which would output -``` -ssh -p 39011 cconstab@localhost -i /home/cconstab/.ssh/id_ed25519 -``` - -When you run this you will be connected to the remote machine via a reverse -ssh tunnel from the remote device. - -If you want to do this in a single command use `$()` for example, note you can specify a ssh public key so you do not get asked for passwords. Use `ssh-keygen` to generate a new ssh key if you do not have one already to access the remote sshd. - -``` -$(./sshnp -f @myclient -t @myserver -d mymachine -h @myrz -s id_ed25519.pub) -``` - -Atsign provides a sshrvd service but if you want to run your own `sshrvd` you will need a machine that has an internet IP and all ports 1024-65535 unfirewalled and an atSign for the daemon to use. 
- -To run your own rendezvous service, simply run the `sshrvd` binary. You may omit the manager atSign to allow all atSigns to use your rendezvous service. There are also flags like `-s` to snoop on traffic passing through the service. -``` -./sshrvd --atsign <@your_sshrvd_atsign> --manager <@manager_atsign> --ip -``` - -If you can now login using sshnp then you can now turn off sshd from listening on all external interfaces, and instead have ssh listen only on 127.0.0.1. - -That is easily done by editing `/etc/ssh/sshd_config` - -``` -#Port 22 -#AddressFamily any -ListenAddress 127.0.0.1 -#ListenAddress :: -``` - -And restarting the ssh daemon. Please make sure you start the sshnpd on -startup and reboot and check. As this is beta code it is suggested to -wrap the daemon in a shell script or have sysctld make sure it is running. - -My preference whilst testing was to run the daemon in TMUX so that it is easy -to see the logs (-v). - - -### sshnpd (daemon) in a docker container - -The daemon can also be deployed as part of a pre-built docker container, -that also has a number of networking tools installed. The container image -is located on Dockerhub as `atsigncompany/sshnpd:latest` or you can build -your own using the Dockerfile in the root of the project. - -The image expects to have the atKeys for the atSign being used in the -`/atsign/.atsign/keys` directory, this can be mounted as a volume at startup -of the docker run command using `-v $(pwd):/atsign/.atsign/keys/` assuming -you are in the directory where the atKeys file is located. The full command -to start the container would be something like this:- - -``` -docker run -v :/atsign/.atsign/keys/ atsigncompany/sshnpd "-a -m -d -v -u -s" -``` - -Once the container is running to log into the container the sshnp command -would be used as normal, but you will log into the container not the host, -from the container you could then log into the host or any other local -network hosts you have access to. 
- -Docker is very well documented and if you want to keep the container running -after a reboot if for some reason the container crashes is all easily achieved. - - -## TWO Ways to run SSH! no ports daemons (root access NOT required) - -### `sshnpd.sh` and `sshrvd.sh` - plain old shell scripts and log file - -The scripts directory of this repo contains an example `sshnpd.sh` that can -be run in a user's home directory (and assumes that the release has been -`untar`'d there too). -Copy the file of interest to your home directory, so the next release does not over write your config e.g. - -`cp ~/sshnp/sshnpd.sh ~/sshnpd.sh` - -Make sure to replace the placeholders for sending receiving -and . - -You might also want to add a crontab entry to run the script on reboot: - -``` -@reboot ~/sshnpd.sh > ~/sshnpd.log 2>&1 -``` - -### `tmux-sshnpd.sh` and `tmux-sshrvd.sh` - the power of tmux, highly recommended if tmux is installed `sudo apt install tmux` - -This runs the daemon inside a tmux session, which can be connected to in order -to see logs. - -Copy the file of interest to your home directory, so the next release does not over write your config, e.g. - -`cp ~/sshnp/tmux-sshnpd.sh ~/tmux-sshnpd.sh` - -Once again, ensure that the placeholders are replaced, and this can be run -by cron using: - -``` -@reboot ~/tmux-sshnpd.sh > ~/sshnpd.log 2>&1 -``` - -## systemd units - -The systemd directory contains an example unit file with its own -[README](systemd/README.md). - -## Maintainers - -Created by Atsign - -Thoughts/bugs/contributions via PR all very welcome! - - -Original code by [@cconstab](https://github.com/cconstab) +# noports +This repo contains the open source code of the Atsign's No Ports suite. +* [sshnoports](./packages/sshnoports) provides a way to ssh to a remote linux host/device without that +device or the client having any open ports (not even 22) on external interfaces. 
diff --git a/packages/sshnoports/LICENSE b/packages/sshnoports/LICENSE new file mode 100644 index 000000000..35e714e73 --- /dev/null +++ b/packages/sshnoports/LICENSE @@ -0,0 +1,29 @@ +BSD 3-Clause License + +Copyright (c) 2022, The Atsign Foundation +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/packages/sshnoports/README.md b/packages/sshnoports/README.md new file mode 100644 index 000000000..842f570f7 --- /dev/null +++ b/packages/sshnoports/README.md 
@@ -0,0 +1,180 @@ +The atPlatform logo + +[![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports/badge)](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports) + +# SSH! No ports + +ssh no ports provides a way to ssh to a remote linux host/device without that +device or the client having any open ports (not even 22) on external interfaces. All +network connectivity is out bound and there is no need to know the IP +address the device has been given. As long as the device and client has an IP address (public or private 1918), +DNS and Internet access, you will be able to connect to it. + +## Quick demo +![sshnp](https://github.com/atsign-foundation/sshnoports/assets/6131216/4ff005f1-230e-4621-9b33-f834caa9a1d1) + + +There are five binaries:- + +`at_activate` : Command line tool to "cut" your atSigns cryptographic keys and place them in ~/.atsign/keys with .atKeys extension + +`sshnpd` : The daemon that runs on the remote device + +`sshnp` : The client that sets up a connection to the device which you +can then ssh to via your localhost interface + +`sshrvd` : This daemon acts as a rendezvous service and provides Internet routable IP/Ports for sshnpd and sshrv to connect to + +`sshrv` : This client is called by sshnp to connect the local sshd to the rendezvous point + +To get going you just need two (or three if you want to use your own sshrvd service) atSigns and their .atKeys files and the +binaries (from the +[latest release](https://github.com/atsign-foundation/sshnoports/releases)). +Once you have the atSigns (free or paid atSigns from [atsign.com](https://atsign.com)), drop the binaries in place +on each machine and put the keys in `~/.atsign/keys` directory. You will need +a device atSign and a manager atSign, but each device can also have a unique +device name using the --device argument. 
+ +Once in place you can start up the daemon first on the remote device. +Remember to start the daemon on start up using rc.local script or similar, examples can be found in the scripts directory in this repo and in the release tar files. +The daemon machine has to be running sshd even if only listening on localhost on an open port. + +`sshnpd.sh` : bash script +`tmux-sshnpd.sh` : bash script that uses `tmux` to provide realtime logging/view of the running daemon + +``` +./sshnpd --atsign <@your_devices_atsign> --manager <@your_manager_atsign> \ +--device -u -s +``` + +Once that has started up you can run the client code from another machine. The client machine has to be running sshd even if only listening on localhost on an open port. + +``` +./sshnp --from <@your_manager_atsign> --to <@your_devices_atsign> \ +--host --device -s <> +``` + +The --host specifies the atSign of the sshrvd or the DNS name of the openssh server of the client machine that the remote device can connect to. If everything goes to plan the client +will complete and tell you how to connect to the remote host for example. + +Example command would be:- +``` +./sshnp -f @cconstab -t @ssh_1 -d orac -h @stream -s id_ed25519.pub +``` +Which would output +``` +ssh -p 39011 cconstab@localhost -i /home/cconstab/.ssh/id_ed25519 +``` + +When you run this you will be connected to the remote machine via a reverse +ssh tunnel from the remote device. + +If you want to do this in a single command use `$()` for example, note you can specify a ssh public key so you do not get asked for passwords. Use `ssh-keygen` to generate a new ssh key if you do not have one already to access the remote sshd. + +``` +$(./sshnp -f @myclient -t @myserver -d mymachine -h @myrz -s id_ed25519.pub) +``` + +Atsign provides a sshrvd service but if you want to run your own `sshrvd` you will need a machine that has an internet IP and all ports 1024-65535 unfirewalled and an atSign for the daemon to use. 
+ +To run your own rendezvous service, simply run the `sshrvd` binary. You may omit the manager atSign to allow all atSigns to use your rendezvous service. There are also flags like `-s` to snoop on traffic passing through the service. +``` +./sshrvd --atsign <@your_sshrvd_atsign> --manager <@manager_atsign> --ip +``` + +If you can now login using sshnp then you can now turn off sshd from listening on all external interfaces, and instead have ssh listen only on 127.0.0.1. + +That is easily done by editing `/etc/ssh/sshd_config` + +``` +#Port 22 +#AddressFamily any +ListenAddress 127.0.0.1 +#ListenAddress :: +``` + +And restarting the ssh daemon. Please make sure you start the sshnpd on +startup and reboot and check. As this is beta code it is suggested to +wrap the daemon in a shell script or have sysctld make sure it is running. + +My preference whilst testing was to run the daemon in TMUX so that it is easy +to see the logs (-v). + + +### sshnpd (daemon) in a docker container + +The daemon can also be deployed as part of a pre-built docker container, +that also has a number of networking tools installed. The container image +is located on Dockerhub as `atsigncompany/sshnpd:latest` or you can build +your own using the Dockerfile in the root of the project. + +The image expects to have the atKeys for the atSign being used in the +`/atsign/.atsign/keys` directory, this can be mounted as a volume at startup +of the docker run command using `-v $(pwd):/atsign/.atsign/keys/` assuming +you are in the directory where the atKeys file is located. The full command +to start the container would be something like this:- + +``` +docker run -v :/atsign/.atsign/keys/ atsigncompany/sshnpd "-a -m -d -v -u -s" +``` + +Once the container is running to log into the container the sshnp command +would be used as normal, but you will log into the container not the host, +from the container you could then log into the host or any other local +network hosts you have access to. 
+ +Docker is very well documented and if you want to keep the container running +after a reboot if for some reason the container crashes is all easily achieved. + + +## TWO Ways to run SSH! no ports daemons (root access NOT required) + +### `sshnpd.sh` and `sshrvd.sh` - plain old shell scripts and log file + +The scripts directory of this repo contains an example `sshnpd.sh` that can +be run in a user's home directory (and assumes that the release has been +`untar`'d there too). +Copy the file of interest to your home directory, so the next release does not over write your config e.g. + +`cp ~/sshnp/sshnpd.sh ~/sshnpd.sh` + +Make sure to replace the placeholders for sending receiving +and . + +You might also want to add a crontab entry to run the script on reboot: + +``` +@reboot ~/sshnpd.sh > ~/sshnpd.log 2>&1 +``` + +### `tmux-sshnpd.sh` and `tmux-sshrvd.sh` - the power of tmux, highly recommended if tmux is installed `sudo apt install tmux` + +This runs the daemon inside a tmux session, which can be connected to in order +to see logs. + +Copy the file of interest to your home directory, so the next release does not over write your config, e.g. + +`cp ~/sshnp/tmux-sshnpd.sh ~/tmux-sshnpd.sh` + +Once again, ensure that the placeholders are replaced, and this can be run +by cron using: + +``` +@reboot ~/tmux-sshnpd.sh > ~/sshnpd.log 2>&1 +``` + +## systemd units + +The systemd directory contains an example unit file with its own +[README](systemd/README.md). + +## Maintainers + +Created by Atsign + +Thoughts/bugs/contributions via PR all very welcome! + + +Original code by [@cconstab](https://github.com/cconstab) + diff --git a/scripts/install_sshnp b/packages/sshnoports/scripts/install_sshnp similarity index 100% rename from scripts/install_sshnp rename to packages/sshnoports/scripts/install_sshnp 
diff --git a/scripts/install_sshnpd b/packages/sshnoports/scripts/install_sshnpd
similarity index 100%
rename from scripts/install_sshnpd
rename to packages/sshnoports/scripts/install_sshnpd
From a85dfe623be04c2648902852aa30e755425799b8 Mon Sep 17 00:00:00 2001
From: xavierchanth
Date: Fri, 30 Jun 2023 18:57:44 -0400
Subject: [PATCH 4/5] fix: package macos script paths
---
 tools/package-macos-arm64.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/tools/package-macos-arm64.sh b/tools/package-macos-arm64.sh
index 2110ea6a9..09acc4df7 100755
--- a/tools/package-macos-arm64.sh
+++ b/tools/package-macos-arm64.sh
@@ -1,8 +1,9 @@
 #!/bin/bash
 
-FULL_PATH_TO_SCRIPT="$(realpath "${BASH_SOURCE[-1]}")"
+FULL_PATH_TO_SCRIPT="$(realpath "${BASH_SOURCE[0]}")"
 SCRIPT_DIRECTORY="$(dirname "$FULL_PATH_TO_SCRIPT")"
-SRC_DIR="$SCRIPT_DIRECTORY/../packages/sshnoports"
+ROOT_DIRECTORY="$SCRIPT_DIRECTORY/.."
+SRC_DIR="$ROOT_DIRECTORY/packages/sshnoports"
 
 if [ "$(uname)" != "Darwin" ]; then
 echo "This script is only for macOS";
@@ -22,7 +23,7 @@ fi
 
 eval "$DART pub upgrade -C $SRC_DIR"
 
-OUTPUT_DIR_PATH="$SCRIPT_DIRECTORY/../build/macos-arm64"
+OUTPUT_DIR_PATH="$ROOT_DIRECTORY/build/macos-arm64"
 OUTPUT_DIR="$OUTPUT_DIR_PATH/sshnp"
 
 rm -r "$OUTPUT_DIR" build/sshnp-macos-arm64.tgz
@@ -35,6 +36,6 @@ eval "$DART compile exe -o $OUTPUT_DIR/sshrv $SRC_DIR/bin/sshrv.dart"
 eval "$DART compile exe -o $OUTPUT_DIR/at_activate $SRC_DIR/bin/activate_cli.dart"
 
 cp -r "$SRC_DIR/templates" "$OUTPUT_DIR/templates";
-cp "$SCRIPT_DIRECTORY/../scripts/*" "$OUTPUT_DIR/";
+cp "$SRC_DIR"/scripts/* "$OUTPUT_DIR/";
 
 tar czf build/sshnp-macos-arm64.tgz -C "$OUTPUT_DIR_PATH" sshnp
From 257199cb8242a1515b7a270e2565895fe9ec9ad6 Mon Sep 17 00:00:00 2001
From: xavierchanth
Date: Fri, 30 Jun 2023 19:07:33 -0400
Subject: [PATCH 5/5] fix: add back README logo alt tag
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
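Review bot: `rm -r "$OUTPUT_DIR" build/sshnp-macos-arm64.tgz` and `tar czf build/sshnp-macos-arm64.tgz …` in the last hunk still resolve `build/` against the caller's working directory, while this commit makes `OUTPUT_DIR_PATH` absolute via `ROOT_DIRECTORY`; run from anywhere but the repo root — which the realpath/dirname preamble exists to allow — the tarball lands in `$PWD/build` (or `tar` fails if that directory does not exist) and a stale tarball under the repo is never removed. Change them to `rm -rf -- "$OUTPUT_DIR" "$ROOT_DIRECTORY/build/sshnp-macos-arm64.tgz"` and `tar czf "$ROOT_DIRECTORY/build/sshnp-macos-arm64.tgz" -C "$OUTPUT_DIR_PATH" sshnp`. The `eval "$DART compile exe …"` lines between the hunks still expand `$OUTPUT_DIR`/`$SRC_DIR` unquoted, so the now-absolute paths break on whitespace; those lines lie outside the hunks.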
diff --git a/README.md b/README.md index 850a7aec5..40defaf7c 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ - +The atPlatform logo [![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE) [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports/badge)](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/sshnoports)