SSH Mastery, A Book Review

“SSH Mastery: OpenSSH, PuTTY, Tunnels, and Keys” by Michael Lucas is one of those technical books that you wouldn’t keep on your bookshelf. It’s one of the books that will sit near the keyboard with its binding bent and many pages bookmarked. Well, that is until most of the information is second nature to you. This is one of the rare books that lives up to its title: it is short and concise, very valuable, and rather inexpensive.

The author could have approached the material as a dull professor, or regurgitated the man page. Instead, he addresses an audience of IT professionals as a professional himself. The book introduces the reader to the SSH toolset, goes over the clients (for Mac, Linux, and Windows), key configuration, various SSH configuration bits, a little on X forwarding, the configuration options, and how to do tunneling (enough to emulate a VPN connection).

Besides the writing style and the targeting of its audience, I think that the strong points of this book lie in the subtle details. For example, instead of marketing SSH as a mysterious and obscure protocol that is “secure,” it’s described as a wrapping protocol. Many online tutorials and top X SSH tip blog posts market SSH as the former. Another is that the author takes a side on the SSH v1 vs. v2 option. He strongly discourages v1, due to its flaws. Lastly, he answered a question or two that I did not realize I had about SSH. The questions were: How can you prevent man-in-the-middle? How can you improve performance? The answers are key exchanges and multiplexing.

The concerns that I have about this book are rather minor. I would have liked the author to provide some data demonstrating the performance of the protocol. Examples of performance data could come from a comparison of file transfer speeds [and different ciphers used], or from gathering some evidence on how much cost is involved in using a terminal through SSH. The other criticism that I have is that the book did not go into detail on X forwarding. The reason given: it varies quite a bit from platform to platform and is subject to change. It would have been nice to get a review of the different X clients and protocols available.