As with most great tools available to the security community, this publication has only scratched the surface with regards to OpenSSH's complete capabilities. The basics covered in this Step-by-Step guide are just that: basics. You now have the skills necessary to:
As a security practitioner, the responsibility is on you to be creative in your security solutions. The building blocks presented here will undoubtedly foster solutions, raise questions and initiate some heated discussions; all of which will contribute significantly to the profession if you share your solutions, questions or discussions. Defense in depth covers more than just the technical roadblocks we erect to thwart attackers . It also means building our professional communications so that the collective knowledge is shared, refined, and disseminated. So, you are encouraged to share your experience at the numerous available venues and to send email to openssh@sans.org.
The publishing team would like to thank you for your time in reading and using this publication. The time spent consolidating and distilling this information was done for one single reason: to help you secure your environment. OpenSSH is a powerful tool, one that should be used everywhere possible. It really is a necessary portion of our guiding principles:
Now that you have the knowledge, it's time to get busy. Use this book, implement OpenSSH, and be safe. Where are you going to disable telnet today?
SECTION I - Obtaining, Compiling and Installing OpenSSH
SECTION II - How to Use OpenSSH Clients for Unix-to-Unix Connectivity
SECTION III - How To Use PuTTY/WinSCP For PC-To-Unix Connectivity
SECTION IV - Using Public Key Authentication
SECTION V - Troubleshooting SSH Connections
SECTION VI - Advanced SSH Topics
Conclusion
Appendix - Sample sshd_config File