LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Security page

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Book Review: SSH, The Secure Shell - The Definitive Guide

[Posted June 4, 2002 by dennis] 

From:	 Danny Yee <editor@dannyreviews.com>
To:	 lwn@lwn.net
Subject: book review of possible interest
Date:	 Wed, 29 May 2002 08:44:08 -0400

 SSH, The Secure Shell
 - The Definitive Guide
 Daniel J. Barrett + Richard E. Silverman
 O'Reilly & Associates 2001
 540 pages
 
 A book review by Danny Yee
 http://dannyreviews.com/h/SSH.html

A comprehensive study of what is now a key part of many network systems,
_SSH, The Secure Shell_ is a valuable resource for system administrators
and users.  Its explanations are clear and thorough: I'm not sure about
the "definitive" claim, but Barrett and Silverman do go into considerable
detail, often to the limits of "if you want to play with this you
really ought to look at the source code".  Perhaps most importantly,
_The Secure Shell_ is organised so one can easily skip unwanted detail
and find just those portions that are relevant.  As a result, it can
be used in different ways -- read through to learn about ssh and what
it can be used for, or just consulted as necessary to answer particular
questions or solve particular problems.

Chapter one puts ssh in context, looking at its history and related
technologies, and chapter two introduces basic client operation.
Anyone who uses ssh and scp as simple telnet and ftp replacements and
isn't curious about how they work can stop reading here -- and doesn't
really need their own copy of _The Secure Shell_.  Chapter three is
an "under the covers" look at ssh.  After a a three page introduction
to cryptography (not really suitable for the reader with absolutely no
background), it explains the ssh1 protocol and then how ssh2 differs from
that and the extra features it offers.  There is also a brief overview
of the cryptographic algorithms commonly used in ssh implementations,
and an explanation what ssh secures and what it doesn't.

The rest of the book is more implementation-specific: the primary
implementations covered are SSH, SSH2, and OpenSSH.  Being a lazy user
of packages, I skipped chapter four, on installation and compile-time
configuration.  Chapter five is a guide to server configuration, working
systematically through the sshd configuration file options.

The next four chapters are aimed at power users, covering client use in
much greater depth.  Chapter six explains key management: what identities
are, how to create them, how to manage them with ssh agents, and how
they can be used (to automate logons, most obviously, but fancy things
can be done with multiple identities).  Chapter seven goes through client
configuration in detail, working through the configuration file options,
chapter eight covers account configuration on the server-side (including
forced commands), and chapter nine looks at port and X11 forwarding.

For those overwhelmed by all of this, chapter ten describes a
sample "recommended setup" for everything from compilation to client
configuration.  Chapter eleven covers some special topics -- unattended
SSH, FTP forwarding, mail over SSH, Kerberos, using SSH through a gateway
host -- and chapter twelve is a troubleshooting FAQ.

Chapter thirteen is an overview of other implementations, with a table
of products, and four short chapters then cover specific Windows and Mac
clients.  Of the three Windows clients covered here, two are proprietary
and the third is only distributed as a bzipped tar file: it would have
been good to have a chapter on one of the free and more user-friendly
Windows clients, perhaps PuTTY or TTSSH, both of which get a "recommended"
tag in the table of products.

--

%T	SSH, The Secure Shell
%S	The Definitive Guide
%A	Barrett, Daniel J.
%A	Silverman, Richard E.
%I	O'Reilly & Associates
%C	Sebastapol, California
%D	2001
%O	paperback, index
%G	ISBN 0-596-00011-1
%P	540pp
%K	computing

28 May 2002

        ------------------------------------------------------
        Copyright (c) 2002 Danny Yee       http://danny.oz.au/
        Danny Yee's Book Reviews      http://dannyreviews.com/
        ------------------------------------------------------
(Log in to post comments)

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds