The book begins with the obligatory history of SSH and some of the current issues surrounding it. From there, we head into what SSH is and what it is not. We're still on the level of standard fare as we proceed into the basic client uses, reaching a high point with a simple narrative on key creation... but, then we drop down to drooling insult as the authors begin to explain cryptographic functions. The cryptography eventually builds to provide interesting information as to the internal machinations of the various implementations of SSH.

Moving on to the installation and compilation section, I honestly expected standard simple make install kind of stuff with a trite "use these switches for the compile 'cause that's what we do" sort of thing. That was there, and in O'Reilly fashion, all of the compile time switches are listed and explained- but for a very pleasant surprise the section includes a software inventory for the multiple incarnations of SSH- and their typical system locations. Personally, I feel that such a bill of lading should be included with the "readme" files of every package. (And, yes, I know that many folks do include something similar- but, just as many folks do not. Open Source or not, documentation is still vital.)

The first four chapters or so were basic information, liberally seeded with advertisement-like mentions of things like "You can do port tunneling" and then not explaining it at that point. This is somewhat understandable, I guess, getting the basics of what it is and how to set up an SSH server out of the way. Chapters 5 and 6 explain more on how to actually administrate SSH and get a lot more in-depth about the security and keys.

Going into the 7th chapter is the point where Mr. Barrett and Mr. Silverman really start to cook, going into detail on the things that they had teasingly mentioned in earlier chapters- such as how to do the port forwarding and x forwarding; they even go as far as providing case studies. A relatively dry FAQ section and then an interesting chapter, "Overview of other implementations", follow this.

The last 4 chapters deal specifically with SSH running on non-Unix platforms, detailing a Windows NT SSH1 Server, the F-Secure and SecureCRT clients as well as "NiftyTelnet SSH" for Macintosh. This particularly pleased me, as my belief is that anything good should be shared- not just in code, but in implementation; in short, I love cross platform. I have tried both the F-Secure and SecureCRT clients and I wasn't all that thrilled either- at least not compared to just doing SSH from a CYGWIN Bash shell. The SSH1 Server was quite a pleasant surprise to me also, and I was quick to check it out. It's a shame that it is only SSH1, but considering that it's for Windows NT, I would say that NT Administrators are very lucky to have that.

In all honesty, the introduction of the book has a section that breaks down which chapters you should check out depending on what you're looking to get out of the book. Being as I was reading this time for the purpose of reviewing it, I read the entire thing- the conclusion that I made then was that the introduction hits the nail on the head. This book is really a good tool for different objectives, providing a painfully basic narration at some points for people that are very new to SSH, then later providing rather specific information arranged by need. Overall, the book was informative and interesting, and one that any Admin running SSH- Unix or Windows NT- should seriously consider picking up. After all, anymore, SSH is the only smart way to go...

Paperback- 558 pages (January 2001)
O'Reilly; ISBN: 0-596-00011-1