Errata

In First Edition - [5/01] printing:

"and servers. serverwide configuration..."

should read

"and servers, serverwide configuration..."

Note from the Author or Editor:
This suggestion is correct; thanks!

In First Edition - [5/01] printing:

"labled K."

should read

"labeled K."

Note from the Author or Editor:
This suggestion is correct; thanks!

The phrase "sense of false security" should be "false sense of security". The former means that the person would become suspicious of the security being false. Presumably, the author meant that the sense was false, not just the security, and that the sense was of security, not insecurity.

Note from the Author or Editor:
Page 333, paragraph 2, line 2: change "sense of false security" to "false sense of security".

to "the topic of SSH."

...Unix SSH versions"

NOW READS:
...Unix SSH versions:

"new terms whre they are defined."

NOW READS:
"new terms where they are defined."

labeled K. "Secured" measns encrypted, ...

NOW READS:
labeled K. "Secured" means encrypted, ...

The sentence:

"What counts as infeasible, though, depending
on how valuable the data is, how long it must stay secure, and how motivated
and well-funded your adversary is."

is grammatically flawed. In fact, I don't think it even constitutes a sentence since "depending" is a gerund not a verb, and thus the "sentence" is missing a verb. The simplest correction could be changing the word "depending" to "depends".

Note from the Author or Editor:
In the identified sentence, the word "depending" should be changed to "depends".

Change "should it be distinguish" to
"should it be able to distinguish"

Note from the Author or Editor:
This suggestion is correct; thanks!

"...domains one.foo.org and two.foo.com"

NOW READS:
"...domains one.foo.com and two.foo.com"

In the bullet list at the top of the page (and the bottom of the
preceeding page) there are 6 items. The last two are "stronger
integrity checking ..." and "periodic replacement of the session
key". For each of these items, there is a section giving details
in the next several pages. There is, however, an extra section
on page 78 (3.5.1.6 in my copy) between the two sections on integrity
checking and session rekeying. This talks about Hostbased authenti-
cation, a topic which does not appear on the bullet list. This is
hardly a big deal, but maybe in the interests of completeness there
should be an additional bulleted item about hostbased authentication
on the list on page 75.

Note from the Author or Editor:
Old edition of the book from 2001, long out of print.

Text reads: "Since ssh-signer2 is a relatively small and simple, ..."

Should read: "Since ssh-signer2 is relatively small and simple, ..."

or

"Since ssh-signer2 is a realatively small and simple program, ..."

Note from the Author or Editor:
Change to: "Since ssh-signer2 is relatively small and simple, ..."

Thanks!

Shouldn't the sentence

"If existing FTP implementations could easily be made to operate
over SSH, there would be no need for ssh, ...."

read
"... there would be no need for scp, ..."

Surely the ability of FTP to do something doesn't influence the need
for ssh in a more general context, even it it does have a bearing on
the file transfer situation. At the very least, this is confusing
wording.

Note from the Author or Editor:
Change to: "... there would be no need for scp, ..."

Thanks!

the single" to "over the single".

cf. the box on p. 155 and p. 363:
Umask 022
sould read
Umask 0022

Note from the Author or Editor:
The suggested change is correct. Thanks!

than one ListenAddress line".

Editing /etc/services:
Line reads
"ssh tcp/22"
should read
"ssh 22/tcp"

Note from the Author or Editor:
The suggested change is correct. Thanks!

Line reads: "AllowUsers "*@10.1.1.[:isdigit:]##"

Should read: "AllowUsers "*@10.1.1.[:digit:]##"

Note from the Author or Editor:
The suggested change is correct. Thanks!

sentence reads:

... access by s host more concisely, getting rid of the unnecessary account-name ...

probably mean, "... access by a host ..."?

Note from the Author or Editor:
Book is long out of print.

The title of the bulleted list reads: "As for AllowHosts and DenyHosts:".

However, the bulleted list for AllowHosts and DenyHosts is on the middle of page 182.

This line should read "As for AllowShosts and DenySHosts". This is perfectly clear
from the last bullet point which is on page 184.

Note from the Author or Editor:
Delete from "As for AllowHosts and DenyHosts:" to the end of the section.

Replace with: "The same bulleted restrictions noted in the previous section for AllowHosts and DenyHosts, apply to AllowSHosts and DenySHosts as well."

Thanks!

Last sentence of number three reads: "Therefore, keys are a quick and convenient
method for checking that a key is unaltered."

Should read: "Therefore, fingerprints are a quick and . . ."

Note from the Author or Editor:
Book is long out of print.

Line 4, second-last word: typo "USENRAME" should be "USERNAME".
Line 6, first word: "STRING" should be in the same typestyle as "USERNAME" on line 4.

In the right-hand column ("Files" for the SSH server), there are some typos.
The word "environment" is misspelled as "enviroment" (twice) and near the
bottom you see "/~.k5login" which should be "~/.k5login".

Note from the Author or Editor:
Book is long out of print.

in the first line, after "specifying 276".

"In a client configuration file, client settings are changed by specifying 276 <linebreak> keywords and values."

NOW READS:
"In a client configuration file, client settings are changed by specifying keywords and values."

The sentence immediately following the table did read:

"Since sally*-account matches both previous sections..."

Now reads:

"Since sally*-account matches both other sections..."

The second paragraph used to read:

"Batch mode may enabled for..."

Now it reads:

"Batch mode may be enabled for..."

The third line of the second paragraph used to read:

"...and contains name of the character device file..."

Now it reads:

"...and contains the name of the character device file..."

"contains name"

NOW READS:
"contains the name"

The last paragraph of the second bulleted item used to read:

"...sftp, then these programs run ssh2..."

Now it reads:

"...sftp, when these programs run ssh2..."

The third line of the second to last paragraph used to read:

"...by a evil intruder?"

Now it reads:

"...by an evil intruder?"

... at least as secure a ...
should read
... at least as secure as a ...

Note from the Author or Editor:
Book is long out of print.

First sentence reads: "Timeouts are set in with the idle-timeout option."

Should remove the word 'in' so the sentence reads: "Timeouts are set with the idle-
timeout option."

Note from the Author or Editor:
Book is long out of print.

First sentence reads: "In addition to any physical network interfaces it may have, a
host running IP has also has a virtual one called, the loopback interface."

One of the "has" words should be deleted.

Note from the Author or Editor:
Book is long out of print.

Sentence reads: "You log into one of these machines using SSH, and want to run an
graphical performance-monitoring tool,"

Should read: "... and want to run a graphical ..."

Note from the Author or Editor:
Book is long out of print.

The sixth line in section 9.3.6.1 did read:

"allow all connections from the your PC..."

Now reads:

"allow all connections from your PC..."

The first line did read:

"should only do this when the both machines..."

Now reads:

"should do this only when both machines..."

Last sentence: /decisions based on the their contents
should be
/decisions based on their contents/

Note from the Author or Editor:
Book is long out of print.

s/port -orwarding/port forwarding/

Note from the Author or Editor:
Book is long out of print.

"Mollusca."