查字典图书网
查字典图书网
内容简介:
Are you serious about network security? Then check out SSH, the Secure Shell, which provides key-based authentication and transparent encryption for your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. While it doesn't solve every privacy and security problem, SSH eliminates several of them very effectively. Everything you want to know about SSH is in our second edition of SSH, The Secure Shell: The Definitive Guide. This updated book thoroughly covers the latest SSH-2 protocol for system administrators and end users interested in using this increasingly popular TCP/IP-based solution. How does it work? Whenever data is sent to the network, SSH automatically encrypts it. When data reaches its intended recipient, SSH decrypts it. The result is "transparent" encryption-users can work normally, unaware that their communications are already encrypted. SSH supports secure file transfer between computers, secure remote logins, and a unique "tunneling" capability that adds encryption to otherwise insecure network applications. With SSH, users can freely navigate the Internet, and system administrators can secure their networks or perform remote administration. Written for a wide, technical audience, SSH, The Secure Shell: The Definitive Guide covers several implementations of SSH for different operating systems and computing environments. Whether you're an individual running Linux machines at home, a corporate network administrator with thousands of users, or a PC/Mac owner who just wants a secure way to telnet or transfer files between machines, our indispensable guide has you covered. It starts with simple installation and use of SSH, and works its way to in-depth case studies on large, sensitive computer networks. No matter where or how you're shipping information, SSH, The Secure Shell: The Definitive Guide will show you how to do it securely.
作者简介:
Daniel J. Barrett
Daniel J. Barrett has been immersed in Internet technology since 1985. Currently working as a software engineer, Dan has also been a heavy metal singer, Unix system administrator, university lecturer, web designer, and humorist. He is the author of O'Reilly's Linux Pocket Guide, and is the coauthor of Linux Security Cookbook, and the first edition of SSH, The Secure Shell: The Definitive Guide. He also writes monthly columns for Compute! and Keyboard Magazine, and articles for the O'Reilly Network.
Richard E. Silverman
Richard E. Silverman has a B.A. in computer science and an M.A. in pure mathematics. Richard has worked in the fields of networking, formal methods in software development, public-key infrastructure, routing security, and Unix systems administration. He co-authored the first edition of SSH, The Secure Shell: The Definitive Guide.
Robert G. Byrnes
Robert G. Byrnes, Ph.D., has been hacking on Unix systems for twenty years, and has been involved with security issues since the original Internet worm was launched from Cornell University, while he was a graduate student and system administrator. Currently, he's a software engineer at Curl Corporation, and has worked in the fields of networking, telecommunications, distributed computing, financial technology, and condensed matter physics.
目录:
Chapter 1 Introduction to SSH
What Is SSH?
What SSH Is Not
The SSH Protocol
Overview of SSH Features
History of SSH
Related Technologies
Summary
Chapter 2 Basic Client Use
A Running Example
Remote Terminal Sessions with ssh
Adding Complexity to the Example
Authentication by Cryptographic Key
The SSH Agent
Connecting Without a Password or Passphrase
Miscellaneous Clients
Summary
Chapter 3 Inside SSH
Overview of Features
A Cryptography Primer
The Architecture of an SSH System
Inside SSH-2
Inside SSH-1
Implementation Issues
SSH and File Transfers (scp and sftp)
Algorithms Used by SSH
Threats SSH Can Counter
Threats SSH Doesn't Prevent
Threats Caused by SSH
Summary
Chapter 4 Installation and Compile-Time Configuration
Overview
Installing OpenSSH
Installing Tectia
Software Inventory
Replacing r-Commands with SSH
Summary
Chapter 5 Serverwide Configuration
Running the Server
Server Configuration: An Overview
Getting Ready: Initial Setup
Authentication: Verifying Identities
Access Control: Letting People In
User Logins and Accounts
Forwarding
Subsystems
Logging and Debugging
Compatibility Between SSH-1 and SSH-2 Servers
Summary
Chapter 6 Key Management and Agents
What Is an Identity?
Creating an Identity
SSH Agents
Multiple Identities
PGP Authentication in Tectia
Tectia External Keys
Summary
Chapter 7 Advanced Client Use
How to Configure Clients
Precedence
Introduction to Verbose Mode
Client Configuration in Depth
Secure Copy with scp
Secure, Interactive Copy with sftp
Summary
Chapter 8 Per-Account Server Configuration
Limits of This Technique
Public-Key-Based Configuration
Hostbased Access Control
The User rc File
Summary
Chapter 9 Port Forwarding and X Forwarding
What Is Forwarding?
Port Forwarding
Dynamic Port Forwarding
X Forwarding
Forwarding Security: TCP-Wrappers and libwrap
Summary
Chapter 10 A Recommended Setup
The Basics
Compile-Time Configuration
Serverwide Configuration
Per-Account Configuration
Key Management
Client Configuration
Remote Home Directories (NFS, AFS)
Summary
Chapter 11 Case Studies
Unattended SSH: Batch or cron Jobs
FTP and SSH
Pine, IMAP, and SSH
Connecting Through a Gateway Host
Scalable Authentication for SSH
Tectia Extensions to Server Configuration Files
Tectia Plugins
Chapter 12 Troubleshooting and FAQ
Debug Messages: Your First Line of Defense
Problems and Solutions
Other SSH Resources
Chapter 13 Overview of Other Implementations
Common Features
Covered Products
Other SSH Products
Chapter 14 OpenSSH for Windows
Installation
Using the SSH Clients
Setting Up the SSH Server
Public-Key Authentication
Troubleshooting
Summary
Chapter 15 OpenSSH for Macintosh
Using the SSH Clients
Using the OpenSSH Server
Chapter 16 Tectia for Windows
Obtaining and Installing
Basic Client Use
Key Management
Accession Lite
Advanced Client Use
Port Forwarding
Connector
File Transfers
Command-Line Programs
Troubleshooting
Server
Chapter 17 SecureCRT and SecureFX for Windows
Obtaining and Installing
Basic Client Use
Key Management
Advanced Client Use
Forwarding
Command-Line Client Programs
File Transfer
Troubleshooting
VShell
Summary
Chapter 18 PuTTY for Windows
Obtaining and Installing
Basic Client Use
File Transfer
Key Management
Advanced Client Use
Forwarding
Summary
Appendix
Colophon
