The SSH Protocol
Documented in the RFC file from the
SSH1 distribution, this version of the protocol is obsolete, but still in
wide use for historical reasons.
Version 2.0 (Core Protocols)
The SSH-2 protocol is described in five main documents.
Architecture describes the overall design of SSH-2.
Transport provides a single, full-duplex, byte-oriented
connection between client and server, with privacy, integrity, server
authentication, and man-in-the-middle protection. Authentication
identifies the client to the server. Connection provides richer,
application-support services over the transport pipe, such as channel
multiplexing, flow control, remote program execution, signal propagation,
connection forwarding, etc. Finally, the Assigned Numbers
document gathers together and lists various constant assignments made in
the other drafts.
Other RFCs
Version 2.0 (Related Drafts and Proposals)
Diffie-Hellman Group Exchange (Friedl, Provos & Simpson)
Proposed new Diffie-Hellman key-exchange method for SSH-TRANS. The
existing method uses fixed, well-known finite field and
subgroup generator parameters to the Diffie-Hellman
algorithm. The proposed method allows a client to pick
parameters from a set offered by the server.
Using GSSAPI authentication for key exchange in Secure Shell
(Hutzelman & Salowey)
This memo describes methods for using the GSS-API for authentication
and key exchange in SSH. It defines an SSH user authentication
method which uses a specified GSSAPI mechanism to authenticate a
user, and a family of SSH key exchange methods which use GSSAPI to
authenticate the Diffie-Hellman exchange described in [SSH-TRANSPORT].
This memo also defines a new host public key algorithm which can be
used when no operations are needed using a host's public key, and a
new user authentication method which allows an authorization name to
be used in conjunction with any authentication which has already
occurred as a side-effect of key exchange.
SSH File Transfer Protocol (Ylonen & Lehtinen)
The Secure Shell File Transfer Protocol provides secure file
transfer functionality over any reliable data stream. It is
the standard file transfer protocol for use with the Secure
Shell Remote Login Protocol. This document describes the file
transfer protocol and its interface to the Secure Shell
protocol suite.
SECSH Public Key File Format (Galbraith & Thayer)
This document formally documents the existing public key file
format in use for exchanging public keys between different
SECSH implementations.
X.509 authentication in SSH2 (Galbraith & Saarenmaa)
The X.509 extension specifies how X.509 keys and signatures are used
within the SSH2 protocol.
Secure Shell Public Key Channel (Galbraith, Van Dyke)
Protocol to run inside an SSH-TRANS channel, for configuring
public-key authorization data for a remote account. This
addresses the problem of multiplying implementation-specific
methods for doing this (e.g. files "authorized_keys",
"authorization", "authorized_keys2", differing key storage
formats, etc.).