RFC 4252 - The Secure Shell (SSH) Authentication Protocol

Network Working Group: T. Ylonen, C. Lonvick (Ed.)
Request for Comments: 4252
Category: Standards Track
Date: January 2006

Status of This Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2006).

Abstract

The Secure Shell Protocol (SSH) is a protocol for secure remote login and other secure network services over an insecure network. This document describes the SSH authentication protocol framework and public key, password, and host-based client authentication methods. Additional authentication methods are described in separate documents. The SSH authentication protocol runs on top of the SSH transport layer protocol and provides a single authenticated tunnel for the SSH connection protocol.

Contents

• 1. Introduction
• 2. Contributors
• 3. Conventions Used in This Document
• 4. The Authentication Protocol Framework
• 5. Authentication Requests
  • 5.1. Responses to Authentication Requests
  • 5.2. The "none" Authentication Request
  • 5.3. Completion of User Authentication
  • 5.4. Banner Message
• 6. Authentication Protocol Message Numbers
• 7. Public Key Authentication Method: "publickey"
• 8. Password Authentication Method: "password"
• 9. Host-Based Authentication: "hostbased"
• 10. IANA Considerations
• 11. Security Considerations
• 12. References
  • 12.1. Normative References
  • 12.2. Informative References
• Authors' Addresses
• Trademark Notice