SSH:TDG
SSH: The Secure Shell (The Definitive Guide)
Barrett, Silverman, & Byrnes / O’Reilly

The SSH Protocol

Version 1.5

Documented in the RFC file from the SSH1 distribution, this version of the protocol is mostly obsolete and abandoned.

Version 2.0 (Core Protocols)

The SSH-2 protocol is described in five main documents. Architecture describes the overall design of SSH-2. Transport provides a single, full-duplex, byte-oriented connection between client and server, with privacy, integrity, server authentication, and man-in-the-middle protection. Authentication identifies the client to the server. Connection provides richer, application-support services over the transport pipe, such as channel multiplexing, flow control, remote program execution, signal propagation, connection forwarding, etc. Finally, the Assigned Numbers document gathers together and lists various constant assignments made in the other drafts.

Other RFCs

Version 2.0 (Related Drafts and Proposals)
  • Diffie-Hellman Group Exchange (Friedl, Provos & Simpson)

    Proposed new Diffie-Hellman key-exchange method for SSH-TRANS. The existing method uses fixed, well-known finite field and subgroup generator parameters to the Diffie-Hellman algorithm. The proposed method allows a client to pick parameters from a set offered by the server.

  • SSH File Transfer Protocol (Ylonen & Lehtinen)

    The Secure Shell File Transfer Protocol provides secure file transfer functionality over any reliable data stream. It is the standard file transfer protocol for use with the Secure Shell Remote Login Protocol. This document describes the file transfer protocol and its interface to the Secure Shell protocol suite.

  • SECSH Public Key File Format (Galbraith & Thayer)

    This document formally documents the existing public key file format in use for exchanging public keys between different SECSH implementations.

  • X.509 authentication in SSH2 (Galbraith & Saarenmaa)

    The X.509 extension specifies how X.509 keys and signatures are used within the SSH2 protocol.

Expired Drafts
  • Secure Shell Public Key Channel (Galbraith, Van Dyke)
    Protocol to run inside an SSH-TRANS channel, for configuring public-key authorization data for a remote account. This addresses the problem of multiplying implementation-specific methods for doing this (e.g. files "authorized_keys", "authorization", "authorized_keys2", differing key storage formats, etc.).
