SSH, The Secure Shell 174
SSH, The Secure Shell | |
author | Daniel J. Barrett, Richard E. Silverman |
pages | 540 |
publisher | O'Reilly & Associates |
rating | 8 |
reviewer | Danny Yee |
ISBN | 0-596-00011-1 |
summary | Comprehensive look at the ubiquitous SSH protocol, from installation to advanced uses. |
A comprehensive study of what is now a key part of many network systems, SSH, The Secure Shell is a valuable resource for system administrators and users. Its explanations are clear and thorough: I'm not sure about the "definitive" claim, but Barrett and Silverman do go into considerable detail, often to the limits of "if you want to play with this you really ought to look at the source code." Perhaps most importantly, The Secure Shell is organised so one can easily skip unwanted detail and find just those portions that are relevant. As a result, it can be used in different ways -- read through to learn about ssh and what it can be used for, or just consulted as necessary to answer particular questions or solve particular problems.
Chapter one puts ssh in context, looking at its history and related technologies, and chapter two introduces basic client operation. Anyone who uses ssh and scp as simple telnet and ftp replacements and isn't curious about how they work can stop reading here -- and doesn't really need their own copy of The Secure Shell. Chapter three is an "under the covers" look at ssh. After a three-page introduction to cryptography (not really suitable for the reader with absolutely no background), it explains the ssh1 protocol and then how ssh2 differs from that and the extra features it offers. There is also a brief overview of the cryptographic algorithms commonly used in ssh implementations, and an explanation what ssh secures and what it doesn't.
The rest of the book is more implementation-specific: the primary implementations covered are SSH, SSH2, and OpenSSH. Being a lazy user of packages, I skipped chapter four, on installation and compile-time configuration. Chapter five is a guide to server configuration, working systematically through the sshd configuration file options.
The next four chapters are aimed at power users, covering client use in much greater depth. Chapter six explains key management: what identities are, how to create them, how to manage them with ssh agents, and how they can be used (to automate logons, most obviously, but fancy things can be done with multiple identities). Chapter seven goes through client configuration in detail, working through the configuration file options, chapter eight covers account configuration on the server-side (including forced commands), and chapter nine looks at port and X11 forwarding.
For those overwhelmed by all of this, chapter ten describes a sample "recommended setup" for everything from compilation to client configuration. Chapter eleven covers some special topics -- unattended SSH, FTP forwarding, mail over SSH, Kerberos, using SSH through a gateway host -- and chapter twelve is a troubleshooting FAQ.
Chapter thirteen is an overview of other implementations, with a table of products, and four short chapters then cover specific Windows and Mac clients. Of the three Windows clients covered here, two are proprietary and the third is only distributed as a bzipped tar file: it would have been good to have a chapter on one of the free and more user-friendly Windows clients, perhaps PuTTY or TTSSH, both of which get a "recommended" tag in the table of products.
You might want to purchase SSH, The Secure Shell from Barnes and Noble or read some of Danny's 600+ other book reviews. Want to be a famous book reviewer? You can read your own book reviews in this space by submitting your reviews after reading the book review guidelines.
And this book provides what extra value? (Score:3, Interesting)
Re:feh (Score:2, Interesting)
Timely or not, I appreciate most of the book reviews here because I don't have time to read each and every one of the books that come out, nor could I affoard all of them that I would like to read.
Being a teacher who is multi-tasked into system administration by the powers-that-be, I have enough on my plate already, and if a review is strikingly important to what I already do, and can shed some light on the topic, then I make an effort to get acquainted with that book and use it's insight.
Late for some is more than timely for others.
--Huck
Re:And this book provides what extra value? (Score:2, Interesting)
For the most part I agree with you, it's not necessary for most Unix admins in order to get up and running with SSH. The man page and readme work just fine for that.
For those who want do more esoteric things (or are interested in learning HOW it works, it provides good, clear explanations of what is done or what CAN be done and how to do it.
While it's probably not the first O'Reilly book I'd recommend, it's still quite useful.
Buy it cheaper at half.com or bookpool.com (Score:5, Interesting)
half.com - $23.00 ... $31.96
bookpool.com - $24.50
Barnes and Noble
Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]
ssh.com's SSH Secure Shell for Windows (Score:3, Interesting)
I am quite pleased with the latest version for workstations (3.1) in that they have finally implemented somewhat-intelligent URL handling (i.e. clicking on a URL brings up the link in a new window in your default browser) and the look of the app can match the XP look with the click o' a checkbox, for those who care about such things.
Additionally, the Explorer-like secure file transfer window is a godsend for folks like me who:
are too paranoid to have an ftpd running on their servers, and
appreciate how it Just Works.
If you, say, use your Windows gaming machine to occasionally ssh in and mutt or pine through your mail on your *nix server, I'd recommend checking it out. (No, I have no affiliation with ssh.com, I just like the product.)
False sense of security... (Score:1, Interesting)
http://ettercap.sourceforge.net/
If you build it they will crack it.