Subject:
Re: SSH Howto
From:
Saqib Ali ####@####.####
Date:
25 Jan 2004 05:58:53 -0000
Message-Id: <Pine.GSO.4.55.0401242137450.9625@sjgcs1.stsj.seagate.com>
Jeff,
After looking at the outline, I think your HOWTO will be a valuable
addition to the TLDP repository.
SSH tunneling and key management are hot topics these days, might be
useful to elaborate upon them, and go into details.
Thanks.
Saqib Ali
-------------
http://validate.sf.net <---- DocBook XML -> HTML Convertor
On Sat, 24 Jan 2004, Jeff M Horsager wrote:
> Here is a (very rough) outline of the ground I want to cover:
>
> 1. Introduction
>
> -Telnet, ftp, and insecure transmission elucidation. Supporting
> examples: tcpdump packets showing the transparency of unencrytped data.
> Define the problem and propose SSH as a solution.
>
> -Brief historical summary: SSH1, SSH2 and OpenSSH (which is the focus of
> the document).
>
> -SSH as a secure replacement for telnet, ftp, rsh, rcp and rlogin. Also
> hint at the possibilities for tunneling other plain text protocols (to
> be covered in more depth later).
>
> -Touch on X11 forwarding.
>
> 2. Installation and key generation
>
> -As OpenSSH is standard on most distros, the description of the
> installation proper will be somewhat cursory, but will include a nod to
> the necessary ancillary packages (i.e OpenSSL and zlib).
>
> -A Brief description of RSA/DSA and public key encryption (at least as
> much as my limited mathematical mind can wrap itself around).
>
> -Key generation (ssh-keygen) and touch upon key management.
>
> 3. SSH Client Use and Configuration.
>
> -ssh from the command line and some of the more commonly used options
> (with supporting examples).
>
> -scp and sftp
>
> -In depth key management including using keys for connecting to remote
> machines without a password. In this section I will cover ssh-add from
> the command line as well as using it at cli login (.bash_profile) and
> GUI (gnome) login.
>
> -Client side config files (i.e. ~/.ssh/*)
>
> 4. The SSH Server and Configuration
>
> -The sshd daemon
>
> -sshd logging
>
> -Server side config files (i.e. /etc/ssh/*)
>
> -Server side security (tcp wrappers)
>
> -Authentication and access control. Touch here upon kerberos, PAM, and
> S/Key (one time password) authentication options.
>
> 5. Advanced Topics
>
> -Port forwarding (X11, TCP, etc.)
>
> -Examples
>
> 6. Resources
>
> -Web sites (including links to more in depth explanations of subjects
> such as public key encryption).
>
> -Other documents (the other ssh related howtos and the ibm developer
> works tutorial series immediately come to mind).
>
> -Print sources (The O'Reilly "snail" book comes to mind here)
>
> -Client software for non-linux systems (i.e. MindTerm for Java, and
> Putty for MS-Windows).
>
> I consider the above to be a rough outline. The structure will likely
> be somewhat fluid (fluid in the sense of 'subject to modification', not
> in the sense of 'rambling') and I propose the above more as an outline
> of the topics that will be covered than as an actual skeletal structure
> that the document will hang itself on.
>
> It's more of a brain dump than a framework.
>
> Jeff
>
>
> On Sat, 2004-01-24 at 17:38, Saqib Ali wrote:
> > Jeff,
> >
> > SSH Howto would be nice. But I am not sure what topics you want to cover.
> > Please provide an outline of the topics you wish to cover.
> >
> > Thanks.
> > Saqib Ali
> > -------------
> > http://validate.sf.net <---- DocBook XML -> HTML Convertor
> >
> >
> >
> > On Sat, 24 Jan 2004, Jeff M Horsager wrote:
> >
> > > Hello,
> > >
> > > I'm new to the list and to the tldp process, so please let me know
> > > should I make any egregious violations of protocol.
> > >
> > > I'm interested in writing an SSH Howto (OpenSSH, specifically). I am
> > > aware of the existing documents: "MindTerm-SSH-HOWTO", "Secure-POP+SSH",
> > > and "Setting up Samba over SSH Tunnel mini-HOWTO (In Progress, draft
> > > available)".
> > >
> > > These documents focus on tunneling other protocols through SSH, and do
> > > touch on broader issues in the process. My goal, however, is to provide
> > > a more comprehensive document that covers topics from introduction and
> > > installation through no-password logins and port forwarding, with
> > > pointers to existing documents for specific information. I also plan to
> > > cover the ancillary tools: scp, sftp.
> > >
> > > I saw nothing in the pipeline and have not submitted it as a project as
> > > I wanted to get feedback first, so let me know what you think.
> > >
> > > I have read the "LDP Author Guide" and the "Gnome Documentation
> > > Handbook" and have docbook tools already in place (competently using
> > > them is another matter, but I'll gloss over that for now...)
> > >
> > > Thoughts? Encouragement? Stern dissaproval? Your feedback is
> > > appreciated.
> > >
> > > Thanks,
> > > Jeff
> > >
> > >
> > > ______________________
> > > http://lists.tldp.org/
> > >
> > >
>
>
