The main problem with this book is not that it is incomplete, but that you will probably have to wade through portions that do not apply to you to get to what you need to know.

The authors are knowledgable, and I had no problem with the presentation. However, I was looking for the format of ssh and scp commands for the purpose of programmng them in PERL and the needed security files that have to be present for those commands to work without the necessity of logging in every time. I found what I needed to know in this book, but I might have been better off if I had just done a web search for this information.

Likewise, network and UNIX administrators probably have the information they need in this book too, but they will have to wade through the information for programmers as well as the information for IT managers who are deciding whether or not to install SSH on their machines and why. I'd still recommend it since it is a well-written and well-illustrated book. Just be prepared to go digging for what applies to your specific situation.

If the publisher, instead of looking for some money from Tectia to do its merchandising, had restricted the material to OpenSSH, a free and marvellous software, the book would be thinner and cheaper. The mixing of different configurations for both Tectia and OpenSSH is the only negative point I found. The authors sure know pretty much about SSH and have a great talent to explain in depth its concepts.

I am a consultant and used this book on an integration project. There is not much special about this book. It is relatively difficult to find information on a topic as the author tries to integrate the information on ssh1, ssh2 and open ssh and it is sometimes not clear what something applies to or not. Not much else available and at least one revision has already been issued.

This is one of those O'Reilly books that actually makes you stupider than you were before having read it.

Face it, nobody reads books like this cover-to-cover. We might go through the introduction and the first few chapters, but after that we jump around to the parts we want to know about right now. The authors of this book have done everything in their power to make sure that this is not possible. In my case, I was interested in learning more about the various options involved in port forwarding, so I skipped ahead to chapter 9, which is dedicated to the subject. Unfortunately for me, I was completely lost, not because I had no grasp of the concepts involved, but because of the horrible writing, illustration and page layout choices.

First off, the authors seem to be big fans of mathematics, as they frequently contract long, complex statements into single letters they have chosen arbitrarily. Now this might not be a big problem when you're talking about getting from "computer A" to "computer B", but when providing examples of commands one is to enter into a terminal that look like this:

ssh -L2001:S:143 S

or even better yet:

ssh -g -L P:S:W B

It gets pointlessly confusing. If you don't already know what you're doing, you'll probably think that those capital letters are arguments you should type into your terminal rather than the names of computers and ports you're supposed to insert yourself, especially when there are absolutely NO full, syntactically correct examples of these commands given anywhere in the book. It's like it would kill them to type out a single working example. I would suggest the possibility that they might suffer from severe carpal tunnel syndrome as an explanation for this terseness were it not for the amazing displays of verbosity these very same authors seem to be capable of whenever another opportunity to shamelessly plug Tectia presents itself. If I didn't know better I'd think there was a product placement deal at work here.

On top of all of this, the illustrations are just awful. Not only are they frequently as ambiguous as the command line examples they are meant to illustrate, but they are also labeled inconsistently, and worst of all, are often placed 2-3 pages away from the text they are meant to compliment. You can easily waste hours of time flipping back and forth between lines like "ssh -g -L P:S:W B" and the pictures of poorly drawn boxes which defy all laws of perspective and clouds with arrows pointing all over the place that are meant to clarify them somehow.

I'm sure the authors know a lot more about SSH than I ever will, but they cannot write, and I wish O'Reilly's editors would start enforcing some kind of quality control in their publications. There are free tutorials out there that are better than this tripe, and many of them are written by 11 year olds.

For something that should be simple SSH is anything but a walk in the park. This is compounded by the fact that the documentation for SSH just blows. This book, however, does everything but blow. In classic O'Reilly fashion the author decomposes the topic and covers it effectively from almost every angle with excellent writing and superb graphics. This is a great book for anyone who uses SSH, or who is having issues with it.

[A review of the 2nd EDITION 2005.]

In an earlier, more trusting Internet, rlogin, ftp and telnet were widely used for remote access. But the increase in malware sniffing of these plaintext channels has led to ssh largely supplanting them. The book explains why you as a user should prefer ssh. It greatly helps to guard your account and its password. No small matter if this account has sensitive data. Actually, if you are also a sysadmin, you may want to consider restricting secure remote access to ssh.

The book deals with the broad outline of the cryptographic underpinnings. But it does not require you to understand any of the formal maths. (Whew!) As a practical matter, the bulk of the text is taken up with the myriad ways that ssh implementations can be used. Shows the crucial role played by ssh. Possibly the hardest part concerns key management. Which is often the bane of any cryptosystem. So you should not regard this as a particular failing of ssh.

I recently finished reading SSH, The Secure Shell, The Definitive
Guide, by Barrett and Silverman over at O'Reilly. This book is
exacly what the title says, it's a definitive guide to SSH. It covers
installation and use. It incorporates SSH usage in a semi how-to
fashion but it also contains what How-tos would leave out. It
describes the how and the why related to protocols, procedures,
programs (scp, sftp...) and configurations. Through out the book they
discuss SSH1, SSH2 and OpenSSH (less) and a comparison of what one
SSH version has over the other. It covers aspects like Installation
and configuration, X11 Forwarding, Securing IMAP Auth and many others.

This book covers both the server and client aspect of SSH and I
would recommend this book to anyone who would like an in depth
look at SSH.

SSH, the Secure Shell: The Defintiive Guide is another great book from O'Reilly. As the name would suggest, however, it's not so much a meant as a tutorial or a howto as it is an in-depth analysis of SSH's workings, though the examples given could probably be used as the former.

The first chapters of the book begin with a lookat what SSH is, a summary of its general uses, and the differences between the various SSH implmentations. It then quickly moves onto a number of practical examples, with explanations of both the 'how' and 'why' behind the examples.

Some of the more interesting examples are those that demonstrate X11 tunnelling, key management, and how SSH can be integrated with other applications (such as PGP, for example).

One of the major faults of the book is in the writing style. The regular switching back and forth between a conversational tone and a serious, technical one was something that I found rather annoying. But other than that, this is more or less a well-rounded and nicely written book on SSH, and I would certainly recommend it to anyone who is interested in this topic.

I had some experience with ssh prior to purchasing this book, but picked it up to learn about more advanced topics like key pair generation for unattended ssh tunnels.

The content of the book is ok, but the organization is horrible. The authors mix SSH1, SSH2 and OpenSSH and it is easy to get confused as to which files or commands belong to which. To add to the confusion, OpenSSH now appears to support SSH2 protocol so a lot of the file names don't match up. That makes the book a little out-of-date.

The biggest complaint is that there are no "cookbooks". I wanted to do something well-defined and relatively common. There was a section suited specifically to what I wanted. However to ACTUALLY IMPLEMENT the technique, I had to flip back and forth between 5 different sections, plus infer some information about file contents.

There are few complete configuration file examples. There are snips of files scattered throughout a section - again making for a lot of navigation through the book to assemble sufficient information to get the job done.

The index is marginal, which makes this poorly-suited for a reference manual.

In all, a real disappointment for a O'Reilly book. The editors must have been asleep at the wheel.

Although not entirely difficult to follow, this book was useful after a little ssh hands-on.

I bought this book several months ago because I was considering implementing SSH into a systm. Prior to reading the book, I had little understanding of SSH other than that it provides secure versions of popular tools such as FTP.
I initially read most of it during a cross-country flight. It was really good, and I came away with a good theoretical understanding of SSH. Now here I am several months later trying to actually implement it, and I'm not so pleased with the book. Infomation is scattered throughout the book. If you don't believe me, take a look at the index, it is online here at the Amazon site. As you are reading a topic, the texts suggests you bounce to another page, then another, and another. It's very confusing. Also, probably not so much of the book's fault, but there are a lot of flavors of SSH (both protocols (2) and implementations (many)). I find it very difficult to understand which material in the general text applies to the version I am using. There is a good index that does break down some commands and associated options / arguments by SSH implementation.
One good thing, though, is that I emailed the authors a question, and one of them actually responded.

Overall, I didn't like the book and I found it confusing since it described too many things at the same time. Thus, it seemed, the book didn't save me time and I had to search the web for further details, especially on the things that I wanted to do like using SSH commands.

Overall, I didn't really like most of the book. I found the book much too confusing since it described the commerical and open versions of SSH at the same time -- as well as both protocols 1 and 2. My mind likes something much more orthoganal in structure.

I found the OpenSSH man pages much more useful than the book for the operation of OpenSSH.

The back of the book starts to get interesting. For example, it describes the pros and cons of running ssh in a batch process. I wish the information in the front of the book was as useful.

I was looking for a "best practices guide to SSH deployment" rather than just a verbose manpage.

The section on Kerberos and AFS seemed to short, probably because the authors don't use AFS?

I kind of forget how thourough the PAM/OpenSSH part is.

And, I can't recall many debugging tips.

I guess that I had the feeling that the book was a manpage extension rather than a source of good, solid, hard earned pragmatic advice.

I was happy that my employer has a $100.00 book allowance. This isn't a book I care to keep.

I had a lot of problems with the "technical" description of the SSH 1 & 2 protocol suites. It seems to me the authors have a half-baked understanding of cryptography theory and a half-baked understanding of the SSH Internet Drafts, and have then combined them to provide a muddled and misleading overview of the protocols.

I think that with a topic as complex and important and network security, it is important to be accurate, and I do believe that you can be accurate without delving into every single detail. But I continue to find passages all over the place (in particular with respect to host- and user-authentication) which leave me scratching my head and wondering: "is this misleading English, or is it just plain wrong?"

SSH-1 is described in this way. Then, the authors proceed to build upon this shaky foundation by describing (in a very handwaving sort of way) how SSH-2 differs from SSH-1. In the process, they gloss over some very fundamental differences between the two protocol suites.

On the other hand, I think the practical presentation of ssh as power tool is very good, and well worth reading. It is the best practical description of ssh that I have encountered.

SSH:

- A complex and hard to master protocol (protocols).
- An invaluable defensive weapon against several types of attacks.
- In short time, SSH will be the 'de facto' privacy standard for remote connections and transference.

The Approach:

Three extraordinary introduction chapters, clearly and well written, lead you step by step into SSH internals. Several clever graphics, and a lot of basic definitions makes these chapters absolutely self contained.
The rest of the chapters are carefully dedicated to issues related to implementation and use of SSH, and to ports to several Operating Systems.

The Book:

540+ Pages well structured into 17 chapters and two appendixes.
Clever conventions, and a very useful 'Which Chapters Are for You' guide.
Plenty of 'real world' examples and 63 pages of special case studies.

The Covered Protocols:

- SSH1.
- F-Secure SSH1.
- OpenSSH.
- SSH2.
- F-Secure SSH2.

The Intended Audience:

Quoting the authors: " We've written this book for system administrators and technically minded users. Some chapters are suitable for a wide audience, while others are thoroughly technical and intended for computer and networking professionals."

The Bottom Line:

Being a computer security professor, I constantly assign to my students complex laboratory works related to SSH. Well, with the only help of this book, they usually succeed in their tasks and even improve the original projects.
It is a worthy book and really deserves to be purchased.