内容简介

Are you serious about network security? Then check out SSH, the Secure Shell, which provides key-based authentication and transparent encryption for your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. While it doesn't solve every privacy and security problem, SSH eliminates several of them very effectively. Everything you want to know about SSH is in our second edition of SSH, The Secure Shell: The Definitive Guide. This updated book thoroughly covers the latest SSH-2 protocol for system administrators and end users interested in using this increasingly popular TCP/IP-based solution. How does it work? Whenever data is sent to the network, SSH automatically encrypts it. When data reaches its intended recipient, SSH decrypts it. The result is "transparent" encryption-users can work normally, unaware that their communications are already encrypted. SSH supports secure file transfer between computers, secure remote logins, and a unique "tunneling" capability that adds encryption to otherwise insecure network applications. With SSH, users can freely navigate the Internet, and system administrators can secure their networks or perform remote administration. Written for a wide, technical audience, SSH, The Secure Shell: The Definitive Guide covers several implementations of SSH for different operating systems and computing environments. Whether you're an individual running Linux machines at home, a corporate network administrator with thousands of users, or a PC/Mac owner who just wants a secure way to telnet or transfer files between machines, our indispensable guide has you covered. It starts with simple installation and use of SSH, and works its way to in-depth case studies on large, sensitive computer networks. No matter where or how you're shipping information, SSH, The Secure Shell: The Definitive Guide will show you how to do it securely.

作品目录

Chapter 1 Introduction to SSH

What Is SSH?

What SSH Is Not

The SSH Protocol

Overview of SSH Features

History of SSH

Related Technologies

Summary

Chapter 2 Basic Client Use

A Running Example

Remote Terminal Sessions with ssh

Adding Complexity to the Example

Authentication by Cryptographic Key

The SSH Agent

Connecting Without a Password or Passphrase

Miscellaneous Clients

Summary

Chapter 3 Inside SSH

Overview of Features

A Cryptography Primer

The Architecture of an SSH System

Inside SSH-2

Inside SSH-1

Implementation Issues

SSH and File Transfers (scp and sftp)

Algorithms Used by SSH

Threats SSH Can Counter

Threats SSH Doesn't Prevent

Threats Caused by SSH

Summary

Chapter 4 Installation and Compile-Time Configuration

Overview

Installing OpenSSH

Installing Tectia

Software Inventory

Replacing r-Commands with SSH

Summary

Chapter 5 Serverwide Configuration

Running the Server

Server Configuration: An Overview

Getting Ready: Initial Setup

Authentication: Verifying Identities

Access Control: Letting People In

User Logins and Accounts

Forwarding

Subsystems

Logging and Debugging

Compatibility Between SSH-1 and SSH-2 Servers

Summary

Chapter 6 Key Management and Agents

What Is an Identity?

Creating an Identity

SSH Agents

Multiple Identities

PGP Authentication in Tectia

Tectia External Keys

Summary

Chapter 7 Advanced Client Use

How to Configure Clients

Precedence

Introduction to Verbose Mode

Client Configuration in Depth

Secure Copy with scp

Secure, Interactive Copy with sftp

Summary

Chapter 8 Per-Account Server Configuration

Limits of This Technique

Public-Key-Based Configuration

Hostbased Access Control

The User rc File

Summary

Chapter 9 Port Forwarding and X Forwarding

What Is Forwarding?

Port Forwarding

Dynamic Port Forwarding

X Forwarding

Forwarding Security: TCP-Wrappers and libwrap

Summary

Chapter 10 A Recommended Setup

The Basics

Compile-Time Configuration

Serverwide Configuration

Per-Account Configuration

Key Management

Client Configuration

Remote Home Directories (NFS, AFS)

Summary

Chapter 11 Case Studies

Unattended SSH: Batch or cron Jobs

FTP and SSH

Pine, IMAP, and SSH

Connecting Through a Gateway Host

Scalable Authentication for SSH

Tectia Extensions to Server Configuration Files

Tectia Plugins

Chapter 12 Troubleshooting and FAQ

Debug Messages: Your First Line of Defense

Problems and Solutions

Other SSH Resources

Chapter 13 Overview of Other Implementations

Common Features

Covered Products

Other SSH Products

Chapter 14 OpenSSH for Windows

Installation

Using the SSH Clients

Setting Up the SSH Server

Public-Key Authentication

Troubleshooting

Summary

Chapter 15 OpenSSH for Macintosh

Using the SSH Clients

Using the OpenSSH Server

Chapter 16 Tectia for Windows

Obtaining and Installing

Basic Client Use

Key Management

Accession Lite

Advanced Client Use

Port Forwarding

Connector

File Transfers

Command-Line Programs

Troubleshooting

Server

Chapter 17 SecureCRT and SecureFX for Windows

Obtaining and Installing

Basic Client Use

Key Management

Advanced Client Use

Forwarding

Command-Line Client Programs

File Transfer

Troubleshooting

VShell

Summary

Chapter 18 PuTTY for Windows

Obtaining and Installing

Basic Client Use

File Transfer

Key Management

Advanced Client Use

Forwarding

Summary

Appendix

Colophon