SSH, The Secure Shell: The Definitive Guide, 2nd Edition
Are you serious about network security? Then check out SSH, the Secure Shell,
which provides key-based authentication and transparent encryption for your network
connections. It's reliable, robust, and reasonably easy to use, and both free
and commercial implementations are widely available for most operating systems.
While it doesn't solve every privacy and security problem, SSH eliminates several
of them very effectively.
Everything you want to know about SSH is in our second edition of SSH, The
Secure Shell: The Definitive Guide. This updated book thoroughly covers the
latest SSH-2 protocol for system administrators and end users interested in
using this increasingly popular TCP/IP-based solution.
How does it work? Whenever data is sent to the network, SSH automatically encrypts
it. When data reaches its intended recipient, SSH decrypts it. The result is
"transparent" encryption: users can work normally, unaware that their
communications are already encrypted. SSH supports secure file transfer between
computers, secure remote logins, and a unique "tunneling" capability
that adds encryption to otherwise insecure network applications. With SSH, users
can freely navigate the Internet, and system administrators can secure their
networks or perform remote administration.
Written for a wide, technical audience, SSH, The Secure Shell: The Definitive
Guide covers several implementations of SSH for different operating systems
and computing environments. Whether you're an individual running Linux machines
at home, a corporate network administrator with thousands of users, or a PC/Mac
owner who just wants a secure way to telnet or transfer files between machines,
our indispensable guide has you covered. It starts with simple installation
and use of SSH, and works its way to in-depth case studies on large, sensitive
computer networks.
No matter where or how you're shipping information, SSH, The Secure Shell:
The Definitive Guide will show you how to do it securely.
Table of Contents
Preface
1. Introduction to SSH
1.1 What Is SSH?
1.2 What SSH Is Not
1.3 The SSH Protocol
1.4 Overview of SSH Features
1.5 History of SSH
1.6 Related Technologies
1.7 Summary
2. Basic Client Use
2.1 A Running Example
2.2 Remote Terminal Sessions with ssh
2.3 Adding Complexity to the Example
2.4 Authentication by Cryptographic Key
2.5 The SSH Agent
2.6 Connecting Without a Password or Passphrase
2.7 Miscellaneous Clients
2.8 Summary
3. Inside SSH
3.1 Overview of Features
3.2 A Cryptography Primer
3.3 The Architecture of an SSH System
3.4 Inside SSH-2
3.5 Inside SSH-1
3.6 Implementation Issues
3.7 SSH and File Transfers (scp and sftp)
3.8 Algorithms Used by SSH
3.9 Threats SSH Can Counter
3.10 Threats SSH Doesn't Prevent
3.11 Threats Caused by SSH
3.12 Summary
4. Installation and Compile-Time Configuration
4.1 Overview
4.2 Installing OpenSSH
4.3 Installing Tectia
4.4 Software Inventory
4.5 Replacing r-Commands with SSH
4.6 Summary
5. Serverwide Configuration
5.1 Running the Server
5.2 Server Configuration: An Overview
5.3 Getting Ready: Initial Setup
5.4 Authentication: Verifying Identities
5.5 Access Control: Letting People In
5.6 User Logins and Accounts
5.7 Forwarding
5.8 Subsystems
5.9 Logging and Debugging
5.10 Compatibility Between SSH-1 and SSH-2 Servers
5.11 Summary
6. Key Management and Agents
6.1 What Is an Identity?
6.2 Creating an Identity
6.3 SSH Agents
6.4 Multiple Identities
6.5 PGP Authentication in Tectia
6.6 Tectia External Keys
6.7 Summary
7. Advanced Client Use
7.1 How to Configure Clients
7.2 Precedence
7.3 Introduction to Verbose Mode
7.4 Client Configuration in Depth
7.5 Secure Copy with scp
7.6 Secure, Interactive Copy with sftp
7.7 Summary
8. Per-Account Server Configuration
8.1 Limits of This Technique
8.2 Public-Key-Based Configuration
8.3 Hostbased Access Control
8.4 The User rc File
8.5 Summary
9. Port Forwarding and X Forwarding
9.1 What Is Forwarding?
9.2 Port Forwarding
9.3 Dynamic Port Forwarding
9.4 X Forwarding
9.5 Forwarding Security: TCP-wrappers and libwrap
9.6 Summary
10. A Recommended Setup
10.1 The Basics
10.2 Compile-Time Configuration
10.3 Serverwide Configuration
10.4 Per-Account Configuration
10.5 Key Management
10.6 Client Configuration
10.7 Remote Home Directories (NFS, AFS)
10.8 Summary
11. Case Studies
11.1 Unattended SSH: Batch or cron Jobs
11.2 FTP and SSH
11.3 Pine, IMAP, and SSH
11.4 Connecting Through a Gateway Host
11.5 Scalable Authentication for SSH
11.6 Tectia Extensions to Server Configuration Files
11.7 Tectia Plugins
12. Troubleshooting and FAQ
12.1 Debug Messages: Your First Line of Defense
12.2 Problems and Solutions
12.3 Other SSH Resources
13. Overview of Other Implementations
13.1 Common Features
13.2 Covered Products
13.3 Other SSH Products
14. OpenSSH for Windows
14.1 Installation
14.2 Using the SSH Clients
14.3 Setting Up the SSH Server
14.4 Public-Key Authentication
14.5 Troubleshooting
14.6 Summary
15. OpenSSH for Macintosh
15.1 Using the SSH Clients
15.2 Using the OpenSSH Server
16. Tectia for Windows
16.1 Obtaining and Installing
16.2 Basic Client Use
16.3 Key Management
16.4 Accession Lite
16.5 Advanced Client Use
16.6 Port Forwarding
16.7 Connector
16.8 File Transfers
16.9 Command-Line Programs
16.10 Troubleshooting
16.11 Server
17. SecureCRT and SecureFX for Windows
17.1 Obtaining and Installing
17.2 Basic Client Use
17.3 Key Management
17.4 Advanced Client Use
17.5 Forwarding
17.6 Command-Line Client Programs
17.7 File Transfer
17.8 Troubleshooting
17.9 VShell
17.10 Summary
18. PuTTY for Windows
18.1 Obtaining and Installing
18.2 Basic Client Use
18.3 File Transfer
18.4 Key Management
18.5 Advanced Client Use
18.6 Forwarding
18.7 Summary
A. OpenSSH 4.0 New Features
B. Tectia Manpage for sshregex
C. Tectia Module Names for Debugging
D. SSH-1 Features of OpenSSH and Tectia
E. SSH Quick Reference
Index
About the Authors
Dan Barrett has been immersed in Internet technology since 1985.
Currently working as a software engineer, Dan has also been a heavy metal singer,
Unix system administrator, university lecturer, web designer, and humorist.
He is the author of O'Reilly's Linux Pocket Guide, and he is the coauthor of
Linux Security Cookbook and SSH, The Secure Shell: The Definitive Guide. He
also writes monthly columns for Compute! and Keyboard Magazine, and articles
for the O'Reilly Network.
Richard E. Silverman has a B.A. in computer science and an M.A.
in pure mathematics. Richard has worked in the fields of networking, formal
methods in software development, public-key infrastructure, routing security,
and Unix systems administration. He is the co-author of SSH, The Secure Shell:
The Definitive Guide.
Robert G. Byrnes, Ph.D., has been hacking on Unix systems for
twenty years, and has been involved with security issues since the original
Internet worm was launched from Cornell University, while he was a graduate
student and system administrator. He is currently a software engineer at Curl
Corporation, and has worked in the fields of networking, telecommunications,
distributed computing, financial technology, and condensed matter physics.