
Secsh Protocol Documents

"Secsh" was the Internet Engineering Task Force's (IETF) official name for the working group responsible for the SSH2 protocol. The SSH protocol has two generations: SSH, the initial draft protocol dating to 1995, which is now labeled SSH1, and SSH version 2, usually called SSH2, which was first published in 1998.

The core documents for SSH2 were published as RFCs in the first half of 2006, followed by the extension documents. The Secsh IETF working group closed shortly thereafter. Of the significant work items for the working group, only the SFTP protocol specification did not advance to RFC. There is currently no working group addressing the SFTP protocol, nor any ongoing work.

If you are interested in reading the documents, click on one of the links below. The original documents may be found at http://www.ietf.org/index.html in the RFC Pages or Internet Drafts sections.

SSH Core Documents

The following proposed standards describe the main elements of the SSH protocol.

  • SSH Protocol Architecture (RFC 4251)
    This document provides an overview of the SSH architecture, including the "layers" of the protocol. If you're going to read about SSH, you should read this document first.
  • SSH Transport Layer Protocol (RFC 4253)
    The transport layer is the lowest layer of the protocol. It typically runs on top of TCP/IP. All other layers of the protocol run on top of the secure tunnel provided by this layer.
  • SSH Authentication Protocol (RFC 4252)
    The next layer of protocol is the user authentication layer. This document describes mechanisms that the SSH server uses to authenticate users. The primary mechanisms described here include password and public-key authentication.
  • SSH Connection Protocol (RFC 4254)
    The connection protocol is a layer that runs on top of the transport and authentication layers. This document describes how interactive terminal sessions are created, as well as other operations such as remote command execution and forwarded/tunneled network connections.
  • SSH Protocol Assigned Numbers (RFC 4250)
    The official list of IANA-assigned numbers used by SSH implementations.
  • SSH Public Key File Format (RFC 4716)
    Documentation of a common file format for public keys. Its purpose is to facilitate the exchange of public keys between different SSH implementations.
  • SSH Public Key Subsystem (RFC 4819)
    The public-key subsystem is a mechanism that allows users to upload and manage their public keys on any SSH server without having to delve into server-specific details of where those keys should be stored.

SSH Extension Documents

SSH Extension Drafts

  • SSH File Transfer Protocol
    Describes a protocol for secure file transfer and/or a secure, remote file system. This protocol is commonly referred to as "SFTP".
  • Secure Shell Authentication Agent Protocol
    Description of a single sign-on mechanism that works by forwarding various private key signing operations back to an "agent" that stores your private keys.
  • SCP/SFTP/SSH URI Format
    A specification of how ssh, sftp and scp URLs should look. For example: ssh://user@host:2222
  • X.509 Authentication in SSH2
    The X.509 extension specifies how X.509 keys and signatures are used within the SSH2 protocol.