SSH:TDG
SSH: The Secure Shell (The Definitive Guide)
Barrett, Silverman, & Byrnes / O’Reilly

The SSH Protocol

Version 1.5

Documented in the RFC file from the SSH1 distribution, this version of the protocol is obsolete, but still in wide use for historical reasons.

Version 2.0 (Core Protocols)

The SSH-2 protocol is described in five main documents. Architecture describes the overall design of SSH-2. Transport provides a single, full-duplex, byte-oriented connection between client and server, with privacy, integrity, server authentication, and man-in-the-middle protection. Authentication identifies the client to the server. Connection provides richer, application-support services over the transport pipe, such as channel multiplexing, flow control, remote program execution, signal propagation, and connection forwarding. Finally, the Assigned Numbers document collects the various constant assignments made in the other drafts.

Other RFCs

Version 2.0 (Related Drafts and Proposals)
  • Diffie-Hellman Group Exchange (Friedl, Provos & Simpson)

    Proposed new Diffie-Hellman key-exchange method for SSH-TRANS. The existing method uses fixed, well-known finite field and subgroup generator parameters for the Diffie-Hellman algorithm. The proposed method allows a client to pick parameters from a set offered by the server.

  • Using GSSAPI authentication for key exchange in Secure Shell (Hutzelman & Salowey)

    This memo describes methods for using the GSS-API for authentication and key exchange in SSH. It defines an SSH user authentication method which uses a specified GSSAPI mechanism to authenticate a user, and a family of SSH key exchange methods which use GSSAPI to authenticate the Diffie-Hellman exchange described in [SSH-TRANSPORT]. This memo also defines a new host public key algorithm which can be used when no operations are needed using a host's public key, and a new user authentication method which allows an authorization name to be used in conjunction with any authentication which has already occurred as a side-effect of key exchange.

  • SSH File Transfer Protocol (Ylonen & Lehtinen)

    The Secure Shell File Transfer Protocol provides secure file transfer functionality over any reliable data stream. It is the standard file transfer protocol for use with the Secure Shell Remote Login Protocol. This document describes the file transfer protocol and its interface to the Secure Shell protocol suite.

  • SECSH Public Key File Format (Galbraith & Thayer)

    This document formally documents the existing public key file format in use for exchanging public keys between different SECSH implementations.

  • X.509 authentication in SSH2 (Galbraith & Saarenmaa)

    The X.509 extension specifies how X.509 keys and signatures are used within the SSH2 protocol.

Expired Drafts
  • Secure Shell Public Key Channel (Galbraith & Van Dyke)

    Protocol to run inside an SSH-TRANS channel, for configuring public-key authorization data for a remote account. This addresses the problem of multiplying implementation-specific methods for doing this (e.g. files "authorized_keys", "authorization", "authorized_keys2", differing key storage formats, etc.).