RFC 4253 - The Secure Shell (SSH) Transport Layer Protocol
Network Working Group: T. Ylonen, SSH Communications Security Corp
Request for Comments: 4253
Category: Standards Track
Editor: C. Lonvick, Cisco Systems, Inc.
Date: January 2006
Status of This Memo
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
The Secure Shell (SSH) is a protocol for secure remote login and other secure network services over an insecure network.
This document describes the SSH transport layer protocol, which typically runs on top of TCP/IP. The protocol can be used as a basis for a number of secure network services. It provides strong encryption, server authentication, and integrity protection. It may also provide compression.
Key exchange method, public key algorithm, symmetric encryption algorithm, message authentication algorithm, and hash algorithm are all negotiated.
This document also describes the Diffie-Hellman key exchange method and the minimal set of algorithms that are needed to implement the SSH transport layer protocol.
Contents
- 1. Introduction
- 2. Contributors
- 3. Conventions Used in This Document
- 4. Connection Setup
- 5. Compatibility With Old SSH Versions
- 6. Binary Packet Protocol
- 7. Key Exchange
- 8. Diffie-Hellman Key Exchange
- 9. Key Re-Exchange
- 10. Service Request
- 11. Additional Messages
- 12. Summary of Message Numbers
- 13. IANA Considerations
- 14. Security Considerations
- 15. References
- Authors' Addresses
- Trademark Notice