> For the complete documentation index, see [llms.txt](https://doane-ccla.gitbook.io/docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://doane-ccla.gitbook.io/docs/learning-linux/protocols.md). # Communication Protocols Protocols are a set of rules or standards that define the communication between devices on a network. * [Generalities of a Service](/docs/learning-linux/protocols.md#generalities-of-a-service) * [The `ssh` Protocol](/docs/learning-linux/protocols.md#the-ssh-protocol) * [The `scp` Protocol](/docs/learning-linux/protocols.md#the-scp-protocol) * [The `nfs` Protocol](/docs/learning-linux/protocols.md#the-nfs-protocol) ## Generalities of a Service A process is a running program at a particular instant of time. The process refers to an opening of a Web Browser or any other visible program or action for the user, but this term also includes programs that are running in the background waiting to be called by the system. Those programs can be services that offer remote connection, sending of mail, or translation of IPs into readable URLs. These services are identified by a number of ports defined by the [Assigned Numbers RFC](https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml). The configuration of services is in `/etc/services` and includes the name, the port that defines the service, and which transport protocol is used (UDP or TCP) for each one. ## The `ssh` Protocol This protocol enables secure connection to the SSH server on a remote machine. * **Installation of the package** By default, in **CentOS 7**, the SSH package comes installed, but if not, please run: ```bash yum install openssh openssh-server openssh-clients openssl-libs ``` *It installs the openssh package to enable SSH as a server and as a client.* If you need additional information about **yum commands**, you can visit this [link](https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-yum-useful-commands.htm). * **The default configuration file** The default configuration file and settings for the SSHD daemon is in `/etc/ssh/sshd_config`. ```bash cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ori ``` *This creates a copy of the original configuration file in order to prevent damage or mistakes during a custom configuration.* Then, you can customize the configuration in the `/etc/ssh/ssh_config` file with these options: ```bash Port 22 PermitRootLogin without-password PermitRootLogin yes PasswordAuthentication yes ForwardAgent yes ForwardX11 yes ``` Furthermore, to have the ability to run the protocol with the name of the servers such as `ssh server_name`, create a file `~/.ssh/config`, and customize it with: ```bash Host shortcut_name HostName 0.1.2.3 Port 22 User user ServerAliveInterval 120 IdentityFile ~/.ssh/my_key.pem ``` Then, you will be able to enter the server called `shortcut_name` with SSH by using: ```bash ssh shortcut_name ``` * **Restart the SSHD service** Once you make the configuration changes, you can save and close the file. For the changes to take effect, you should restart the SSH daemon. ```bash systemctl restart sshd.service ``` *This command is used in case the SSHD service is* `enabled`*. To check the current status of the service, please read more about the* [*status of a service*](/docs/learning-linux/services.md)*.* * **Generate an SSH Key** To secure the transmission of information, SSH employs different types of data manipulation techniques that include forms of asymmetrical encryption such as an SSH key. ```bash ssh-keygen ``` *Press* `Enter` *to accept the default location and filename which is* `~/.ssh/id_rsa`*. Then press* `Enter`*, then* `Enter` *again to not set a passphrase when prompted.* Make sure the SSH key was successfully created by checking the encrypted content at `~/.ssh/id_rsa.pub`. This file must have the [permission 600](/docs/learning-linux/file-permissions.md). To check it please run `ls -AhlF ~/.ssh`. Finally, to copy the SSH key to a server, please run `ssh-copy-id -i ~/.ssh/id_rsa.pub user@server` ## The `scp` Protocol This protocol allows files to be copied to, from, or between different hosts. It uses SSH for data transfer and provides the same authentication and same level of security as SSH. * **Copy the file `remote_file.txt` from a remote host to the local host** ```bash scp user@remotehost:remote_file.txt /some/local/directory ``` * **Copy the file `local_file.txt` from the local host to a remote host directory** ```bash scp local_file.txt user@remotehost:/some/remote/directory ``` * **Copy the directory `local_directory` from the local host to a remote host's directory `remote_directory`** ```bash scp -r local_directory user@remotehost:/some/remote/directory/remote_directory ``` * **Copy the file `fr1.txt` from remote host `rh1` to remote host `rh2`** ```bash scp user@rh1:/some/remote/directory/fr1.txt user@rh2:/some/remote/directory/ ``` * **Copy multiple files from a local directory to a remote host home directory** ```bash scp one_file.txt another_file.txt user@remotehost: ``` ## The `nfs` Protocol To set up `NFS mounts`, we will need at least two Linux/Unix machines. Here we will be using two servers. * **NFS Server**: server.org with IP-192.XXX.0.100 * **NFS Client**: client.org with IP-192.XXX.0.101 ### NFS Server * **Configure export directory** For sharing a directory with NFS, we need to make an entry in the `/etc/exports` configuration file. Let's create a new directory named `nfsshare` in the `/` partition of the server. Then, we need to make an entry in `/etc/exports` and restart the services to make our directory shareable in the network. ```bash mkdir /nfsshare vi /etc/exports /nfsshare 192.XXX.0.101(rw,sync,no_root_squash) service autofs restart ``` *It displays a directory in the* `/` *partition named "nfsshare" which is being shared with client IP "192.XXX.0.101" with read and write privileges. You can also use the hostname of a server.* ### NFS Client * **Mount a shared directory on an NSF client** To mount a directory in our server to access it locally, we need to find out what shares are available on the remote server or NFS Server with `showmount`. ```bash showmount -e 192.XXX.0.100 Export list for 192.XXX.0.100: /nfsshare 192.XXX.0.101 ``` *This command shows that a directory named* `nfsshare` *is available at "192.XXX.0.100" to share with your server.* * **To mount a shared NFS directory permanently, we can use following `mount` command:** ```bash vi /etc/fstab 192.XXX.0.100:/nfsshare /mnt nfs defaults 0 0 service autofs restart ``` *With* `vi /etc/fstab`*, we are setting the* `IP:name_directory` *to be mounted, and it will be mounted on* `/mnt`*. You can verify it with* `mount | grep nfs`*.* --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://doane-ccla.gitbook.io/docs/learning-linux/protocols.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.