github
/
Xray-docs-next
mirror of https://github.com/XTLS/Xray-docs-next
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix prettier format

pull/378/head
yuhan6665 2023-05-19 11:06:51 -04:00
parent 80bb764114
commit 289cda827a
14 changed files with 88 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/en/document/level-0/ch01-preface.md
View File

@ -66,7 +66,7 @@ The so-called "airport" refers to the "line provider". They are responsible for
2. **Multiple Line Options**: Can unlock network services in different countries and regions, such as iplc dedicated line services, game acceleration services, etc. 2. **Multiple Line Options**: Can unlock network services in different countries and regions, such as iplc dedicated line services, game acceleration services, etc.
3. **Multiple Access Nodes**: Therefore, it has a stronger ability to resist node blocking, if one is blocked, just switch to another one. 3. **Multiple Access Nodes**: Therefore, it has a stronger ability to resist node blocking, if one is blocked, just switch to another one.
2. Risks of "Airport" - Risks of "Airport"
"The other side of the coin of 'convenience' is 'risk'. Based on the technical characteristics and market conditions of the 'airport', its risks include at least:" "The other side of the coin of 'convenience' is 'risk'. Based on the technical characteristics and market conditions of the 'airport', its risks include at least:"

29
docs/en/document/level-0/ch04-security.md
View File

@ -73,7 +73,7 @@ This is a command in the shell terminal to open the `sshd_config` file located i
![Interface of nano](./ch04-img01-nano-ui.png) ![Interface of nano](./ch04-img01-nano-ui.png)
5) The second thing we need to do is to **find the `Port` item in the opened file and modify its port**. The number after `Port` is the SSH port. It is generally recommended to change it to an integer greater than `1024` and less than `65535` (this article takes `9753` as an example). Please think about how to operate it with the shortcut keys of `nano`. You are right again! It is: 5. The second thing we need to do is to **find the `Port` item in the opened file and modify its port**. The number after `Port` is the SSH port. It is generally recommended to change it to an integer greater than `1024` and less than `65535` (this article takes `9753` as an example). Please think about how to operate it with the shortcut keys of `nano`. You are right again! It is:
- Use `ctrl+w` to enter search mode, then type `Port 22` and press Enter - Use `ctrl+w` to enter search mode, then type `Port 22` and press Enter
- Delete `22` and replace it with `9753` - Delete `22` and replace it with `9753`
@ -246,48 +246,47 @@ Now let's configure the [Key Authentication]!
2. Upload the public key to the "vpsadmin" user on the VPS. 2. Upload the public key to the "vpsadmin" user on the VPS.
1. This step requires the use of the previously prepared `WinSCP`. 1, This step requires the use of the previously prepared `WinSCP`.
2. Go to the [official website](https://winscp.net/eng/index.php) to download and install. It will prompt you to import PuTTY settings, and of course, you can import them with one click!
2, Go to the [official website](https://winscp.net/eng/index.php) to download and install. It will prompt you to import PuTTY settings, and of course, you can import them with one click!
![One-click Import Session](./ch04-img10-winscp-import-session.png) ![One-click Import Session](./ch04-img10-winscp-import-session.png)
3. If there is no prompt for import or you have already installed it in advance, configure it according to the following figure. 3, If there is no prompt for import or you have already installed it in advance, configure it according to the following figure.
![WinSCP login settings](./ch04-img11-winscp-ui.png) ![WinSCP login settings](./ch04-img11-winscp-ui.png)
4. The directory on the left side of WinSCP is the folder and files on your local computer. Please locate the folder where the key is stored. 4, The directory on the left side of WinSCP is the folder and files on your local computer. Please locate the folder where the key is stored.
5. The directory on the right side of WinSCP is the folder and files on the VPS server, which are located in the `/home/vpsadmin/` folder by default. To display hidden files, please click on `X hidden` in the lower right corner. 5, The directory on the right side of WinSCP is the folder and files on the VPS server, which are located in the `/home/vpsadmin/` folder by default. To display hidden files, please click on `X hidden` in the lower right corner.
![Local and remote folders](./ch04-img12-winscp-locations.png) ![Local and remote folders](./ch04-img12-winscp-locations.png)
6. Right-click on the right side (in VPS) and create a new folder named `.ssh` (note the period at the beginning). 6, Right-click on the right side (in VPS) and create a new folder named `.ssh` (note the period at the beginning).
![Create a folder to place public key in VPS](./ch04-img13-winscp-newfolder-key.png) ![Create a folder to place public key in VPS](./ch04-img13-winscp-newfolder-key.png)
7. Upload the [public key] `authorized_keys` to the `.ssh` folder. 7, Upload the [public key] `authorized_keys` to the `.ssh` folder.
![Upload authorized_keys](./ch04-img14-winscp-upload-key.png) ![Upload authorized_keys](./ch04-img14-winscp-upload-key.png)
8. When uploading, rename the [public key] from `authorized_keys.txt` to `authorized_keys` (remove the `.txt` extension). 8, When uploading, rename the [public key] from `authorized_keys.txt` to `authorized_keys` (remove the `.txt` extension).
![Ensure there is no file extension](./ch04-img15-winscp-rename-key.png) ![Ensure there is no file extension](./ch04-img15-winscp-rename-key.png)
9. The complete process demonstration is as follows: 9, The complete process demonstration is as follows:
![Complete demonstration of WinSCP operation](./ch04-img16-winscp-full.gif) ![Complete demonstration of WinSCP operation](./ch04-img16-winscp-full.gif)
3. Enable RSA key authentication for SSH login and disable password authentication login on the VPS side. 3. Enable RSA key authentication for SSH login and disable password authentication login on the VPS side.
1. Basic Linux Commands: - Basic Linux Commands:
| Number | Command | Description | | Number | Command | Description |
| :------: | :-----: | :-----------------------------------------------: | | :------: | :-----: | :-----------------------------------------------: |
| `cmd-08` | `sudo` | Run a command with `root` privileges | | `cmd-08` | `sudo` | Run a command with `root` privileges |
| `cmd-09` | `chmod` | Change the permissions of a target file/directory | | `cmd-09` | `chmod` | Change the permissions of a target file/directory |
- SSH remote connection to VPS (PuTTY)
2. SSH remote connection to VPS (PuTTY) - Change the permission of the `authorized_keys` file to `600` (only the owner can read and write).
3. Change the permission of the `authorized_keys` file to `600` (only the owner can read and write).
```shell ```shell
chmod 600 ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys

1
docs/en/document/level-0/ch05-webpage.md
View File

@ -152,7 +152,6 @@ If you encounter any errors, please carefully review the explanations in Steps 3
::: warning ::: warning
In the early stages of this article, a lot of space has been devoted to explaining the importance of using a **non-root user** for security, and the entire article is written based on this premise. So, issues caused by using a **root user** are not within the scope of this article. In the early stages of this article, a lot of space has been devoted to explaining the importance of using a **non-root user** for security, and the entire article is written based on this premise. So, issues caused by using a **root user** are not within the scope of this article.
But I believe that students who persist in using the `root` user should have their own opinions, strong hands-on ability, or have a certain foundation in Linux. I have already explained the crux of the problem, and I believe you can solve it on your own. But I believe that students who persist in using the `root` user should have their own opinions, strong hands-on ability, or have a certain foundation in Linux. I have already explained the crux of the problem, and I believe you can solve it on your own.
## 5.5 Your Progress ## 5.5 Your Progress

4
docs/en/document/level-0/ch06-certificates.md
View File

@ -63,7 +63,7 @@ In addition, if some websites do need to be compatible with certain old devices,
2. You should eventually see a prompt similar to this: 2. You should eventually see a prompt similar to this:
```log ````log
[Wed 30 Dec 2022 04:25:12 AM EST] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory [Wed 30 Dec 2022 04:25:12 AM EST] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
[Wed 30 Dec 2022 04:25:13 AM EST] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory [Wed 30 Dec 2022 04:25:13 AM EST] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Wed 30 Dec 2022 04:25:13 AM EST] Create account key ok. [Wed 30 Dec 2022 04:25:13 AM EST] Create account key ok.
@ -118,7 +118,7 @@ yiLKcBFc5H7dgJCImo7us7aJeftC44uWkPIjw9AKH=
```shell ```shell
acme.sh --issue --server letsencrypt --test -d subdomain.yourdomain.com -w /home/vpsadmin/www/webpage --keylength ec-256 --debug acme.sh --issue --server letsencrypt --test -d subdomain.yourdomain.com -w /home/vpsadmin/www/webpage --keylength ec-256 --debug
``` ````
(Note: This command is written in Chinese characters, therefore I have translated it into English. The command is used to issue SSL/TLS certificates using acme.sh client with Let's Encrypt CA in test mode for a subdomain of your domain with the specified webroot path, key length and in debug mode.) (Note: This command is written in Chinese characters, therefore I have translated it into English. The command is used to issue SSL/TLS certificates using acme.sh client with Let's Encrypt CA in test mode for a subdomain of your domain with the specified webroot path, key length and in debug mode.)