In a packet switching network when you send a flux of data (video, sound, etc.), you have the illusion of continuity like for process switching handled by the scheduler.
## **Internet Protocol** (IP)
> The **Internet Protocol** (**IP**) is the principal [communications protocol](https://en.wikipedia.org/wiki/Communications_protocol) in the [Internet protocol suite](https://en.wikipedia.org/wiki/Internet_protocol_suite) for relaying [datagrams](https://en.wikipedia.org/wiki/Datagram) across network boundaries. Its [routing](https://en.wikipedia.org/wiki/Routing) function enables [internetworking](https://en.wikipedia.org/wiki/Internetworking), and essentially establishes the [Internet](https://en.wikipedia.org/wiki/Internet).
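Review bot: In the opening sentence, "flux of data" reads as a literal translation; "stream of data" is the usual term, and "like for process switching handled by the scheduler" would read better as "as with process switching handled by the scheduler". The heading `## **Internet Protocol** (IP)` also puts bold markup inside a heading, while `## SSH` and `## SSH Server` further down do not; pick one convention.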
...
...
@@ -94,9 +96,35 @@ UDP uses a simple [connectionless communication](https://en.wikipedia.org/wiki/C
- Multicast (a single datagram packet can be automatically routed without duplication to a group of subscribers)
- Lightweight (no ordering of messages, no tracking connections, etc. It is a very simple transport layer designed on top of IP)
### Port
Higher, communication protocols like TCP and UDP, also define **port**. A **port** is a communication endpoint. When software wants to communicate overt TCP or UDP it will do so using a specific **port**. Each system has **port** numbers ranging from 0 to 65535. **Port** numbered from 0 through 1023 are system **ports** used by well-known processes (you need specific rights to use them).
| 80 | [Hypertext Transfer Protocol](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol)(HTTP) used in the [World Wide Web](https://en.wikipedia.org/wiki/World_Wide_Web) |
| 443 | [HTTP Secure](https://en.wikipedia.org/wiki/HTTP_Secure)(HTTPS) HTTP over TLS/SSL |
Nowadays, **ports** provide multiplexing, which means that multiple service or communication session can use the same **port** number.
## SSH
There exist numerous other protocols ([RTP](https://en.wikipedia.org/wiki/Real-time_Transport_Protocol) for example). But most of them run over the TCP and UDP protocols. **SSH** or **Secure Shell** is one of them. SSH is a [cryptographic](https://en.wikipedia.org/wiki/Cryptography)[network protocol](https://en.wikipedia.org/wiki/Network_protocol) for operating network services securely over an unsecured network.
There are numerous other protocols ([RTP](https://en.wikipedia.org/wiki/Real-time_Transport_Protocol) for example). But most of them run over the TCP and UDP protocols. **SSH** or **Secure Shell** is one of them. SSH is a [cryptographic](https://en.wikipedia.org/wiki/Cryptography)[network protocol](https://en.wikipedia.org/wiki/Network_protocol) for operating network services securely over an unsecured network.
SSH use a client-server architecture, you use an SSH client to connect to an SSH server. By default most Linux distribution don’t comes with an SSH server installed. For the IFB, SSH connection is the default way to connect to your VMs, so you should have an SSH sever up and running.
SSH uses [Public-key cryptography (or asymmetric cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)), is a cryptographic system which uses pairs of [keys](https://en.wikipedia.org/wiki/Cryptographic_key): *public keys* (which may be known to others), and *private keys* (which may never be known by any except the owner).
[Public-key cryptography (or asymmetric cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)), is a cryptographic system which uses pairs of [keys](https://en.wikipedia.org/wiki/Cryptographic_key): *public keys* (which may be known to others), and *private keys* (which may never be known by any except the owner).
A cryptographic algorithm is used to generate a pair of *public* and *private* keys from a large random number. Then, the 3 following scheme can be used to secure communication:
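Review bot: In the Port section, "ports provide multiplexing, which means that multiple service or communication session can use the same port number" is easy to misread as several services listening on one port. What distinguishes sessions is the full tuple of source address, source port, destination address and destination port, so many connections can reach the same server port at once; suggest rewording along those lines. Smaller points in the same hunk: "overt TCP" should be "over TCP", "SSH use" should be "SSH uses", "don’t comes" should be "don't come", "SSH sever" should be "SSH server", and "the 3 following scheme" should be "the following 3 schemes". The two links in `[cryptographic](…)[network protocol](…)` need a space between them. In `[Public-key cryptography (or asymmetric cryptography](…))` the closing parenthesis falls outside the link text. For private keys, "which may never be known" should be "which must never be known".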
...
...
@@ -140,7 +168,7 @@ Can be used to share public keys (see [Diffie-Hellman)](https://fr.wikipedia.org
## SSH Server
By default, on the IFB, password authentication is disabled to enforce the use of public key based authentication. To learn `ssh` command we are going to enable this option on your VMs. Find their `sshd` configuration file and open it with an editor of your choice.
By default, on the IFB, password authentication is disabled to enforce the use of public key based authentication. To learn `ssh` command we are going to enable this option on your VMs. Find the`sshd` configuration file and open it with the editor of your choice.
<details><summary>Solution</summary>
<p>
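Review bot: The SSH Server paragraph tells the reader to enable password authentication on their VMs, reversing a default it describes as there "to enforce the use of public key based authentication", and the visible lines do not say when to turn it back off. If the later sections do not already cover it, add a step to disable the option again once the exercise is done. In the line reading "Find the`sshd` configuration file" a space is missing before the backtick, and "To learn `ssh` command" should be "To learn the `ssh` command".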
...
...
@@ -358,4 +386,14 @@ Host work-ens
PreferredAuthentications publickey,password,
```
With the command `ssh work-ens`, the `ssh` client is going to first connect to `ens` and then from `ens` to the `ip.ip.ip.ip` server.
\ No newline at end of file
With the command `ssh work-ens`, the `ssh` client is going to first connect to `ens` and then from `ens` to the `ip.ip.ip.ip` server.
In the next session, we are going to learn how to [install system-wide programs](http://perso.ens-lyon.fr/laurent.modolo/unix/11_install_system_programs.html) like the one managed by `systemd`
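Review bot: In the `Host work-ens` block, `PreferredAuthentications publickey,password,` ends with a trailing comma, which leaves an empty entry at the end of the list; drop it so the example can be copied as is. In the closing sentence, "like the one managed by `systemd`" should be "like the ones managed by `systemd`" and needs a final period, and the link to the next session uses `http://`; switch it to `https://` if the host serves it. The "\ No newline at end of file" marker suggests the file still lacks a trailing newline, worth adding while this line is being touched.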