Secure Shell (SSH) is a utility that can be described in many different ways. It can be described as a protocol, an encryption tool, a client/server application, or a command interface. Along with its various descriptions, SSH provides various functions with a single package. SSH’s diverse set of services and the ability to provide those services in a secure manner have allowed it to become a staple in many enterprise networks.
Most security professionals probably discovered SSH very early in their careers and have fallen in love with it ever since. SSH to the security professional is like a donut to Homer Simpson: a godsend. Professionals continually ask hemselves if there is anything SSH can’t do. For the security professional, SSH provides everything one could ask for, including a free car wash on week-ends (well, that is what it seems like sometimes). One of the great things about SSH is that not only do security professionals use and love the utility, but non-security technical professionals and nontechnical professionals love it as well. Furthermore, SSH is compared with other security utilities in the industry,such as RSASecureID tokens, it is evident that security professionals are the predominant end-users of these other utilities. SecureID tokens are not widely used by nontechnical personnel and are not deployed often in environments that are not closely affiliated with corporate security. On the other hand, SSH is deployed in many Unix workstations/servers, Windows workstations, and a variety of network devices such as Cisco routers and switches.
Some books on the market today cover SSH. Unlike most of them, this book does not cover the ins and outs of SSH as a protocol, the encryption modules used in SSH1 and SSH2, or the supported algorithms. Instead, it covers the ins and outs of implementing and optimizing SSH. Think of this book as a tactical guide to SSH: Now that I understand SSH, how can I use it? This book covers the how can I use itpart. Covered in detail is how to install, implement, optimize, and support SSH in Unix, Windows, and network architecture environments.
Who Should Read This Book
Implementing SSHis intended for professionals working in data centers. The material presented in the chapters that follow is essential, need-to-know information on how to implement SSH from small networks to enterprise
networks. This book covers common “How-Tos,” providing the necessary implementation steps and detailed descriptions of all the services SSH can provide to an environment. You are encouraged to use this book as a quick reference for how to do certain tasks. It is not necessarily meant to be read from start to finish; thus, individual chapters are self-supporting, without requiring any prior knowledge of the other chapters. For example, if you need or want to learn how to use SSH as a proxy service, you can simply go to Chapter 9, “Proxy Technologies in a Secure Web Environment,” and begin reading. You do not have to have read Chapters 1 through 8 to understand the concepts discussed in Chapter 9.
Generally speaking, this book is for the following types of individuals:
- Anyone interested in learning how to implement SSH, including all of its capabilities and strengths
- Anyone interested in expanding his or her existing knowledge of SSH
- Anyone looking for new strategies in optimizing her or his current usage of SSH