Conclusion
As with most great tools available to the security community, this publication has only scratched the surface with regards to OpenSSH's complete capabilities. The basics covered in this Step-by-Step guide are just that: basics. You now have the skills necessary to:
- Obtain, compile, install and configure OpenSSH
- Obtain, install and use a variety of Windows based SSH clients
- Initiate secure, interactive communication channels
- Transfer files securely using SSH
- Create, distribute, and securely utilize public/private key pairs
As a security practitioner, the responsibility is on you to be creative in your security solutions. The building blocks presented here will undoubtedly foster solutions, raise questions and initiate some heated discussions; all of which will contribute significantly to the profession if you share your solutions, questions or discussions. Defense in depth covers more than just the technical roadblocks we erect to thwart attackers . It also means building our professional communications so that the collective knowledge is shared, refined, and disseminated. So, you are encouraged to share your experience at the numerous available venues and to send email to openssh@sans.org.
The publishing team would like to thank you for your time in reading and using this publication. The time spent consolidating and distilling this information was done for one single reason: to help you secure your environment. OpenSSH is a powerful tool, one that should be used everywhere possible. It really is a necessary portion of our guiding principles:
- If you don't need it, don't run it.
- If you must run it, run it securely and keep it patched
Now that you have the knowledge, it's time to get busy. Use this book, implement OpenSSH, and be safe. Where are you going to disable telnet today?