Secure Shell (secsh)

Last Modified: 2005-09-08

Additional information is available at tools.ietf.org/wg/secsh

Chair(s):

  • Bill Sommerfeld <sommerfeld@sun.com>

    Security Area Director(s):

  • Russ Housley <housley@vigilsec.com>
  • Sam Hartman <hartmans-ietf@mit.edu>

    Security Area Advisor:

  • Sam Hartman <hartmans-ietf@mit.edu>

    Mailing Lists:

    General Discussion: ietf-ssh@netbsd.org
    To Subscribe: majordomo@netbsd.org
    In Body: subscribe ietf-ssh
    Archive: ftp://ftp.ietf.org/ietf-mail-archive/secsh/

    Description of Working Group:

    The goal of the working group is to update and standardize the popular
    SSH protocol. SSH provides support for secure remote login, secure file
    transfer, and secure TCP/IP and X11 forwardings. It can automatically
    encrypt, authenticate, and compress transmitted data.  The working
    group will attempt to assure that the SSH protocol

    o  provides strong security against cryptanalysis and protocol
    attacks,

    o  can work reasonably well without a global key management or
        certificate infrastructure,

    o  can utilize existing certificate infrastructures (e.g., DNSSEC,
        SPKI, X.509) when available,

    o  can be made easy to deploy and take into use,

    o  requires minimum or no manual interaction from users,

    o  is reasonably clean and simple to implement.

    The resulting protocol will operate over TCP/IP or other reliable but
    insecure transport. It is intended to be implemented at the application
    level.

    Goals and Milestones:

    Done  Submit Internet-Draft on SSH-2.0 protocol
    Done  Decide on Transport Layer protocol at Memphis IETF.
    Done  Post revised core secsh drafts
    Done  Submit core drafts to IESG for publication as proposed standard
    Done  Post extensions drafts for review
    Done  Start sending extensions drafts to Last Call
    Done  Publish draft on new crypto modes
    Done  GSSAPI draft ready for last call
    Done  Publish draft on X.509v3/pkix support (or subsume into gssapi draft)
    Done  Publish draft on terminal server support
    Done  IESG approval of core drafts
    Aug 2005  Public key subsystem ready for last call
    Done  Publickeyfile ready for last call as Informational
    Sep 2005  URI draft ready for last call
    Oct 2005  File transfer draft ready for last call
    Oct 2005  X.509v3/pkix draft ready for last call
    Nov 2005  Investigate Draft Standard status for secure shell

    Internet-Drafts:

    SSH File Transfer Protocol (120970 bytes)

    Request For Comments:

    The Secure Shell (SSH) Protocol Assigned Numbers (RFC 4250) (44010 bytes)
    Generic Message Exchange Authentication For The Secure Shell Protocol (SSH) (RFC 4256) (24728 bytes)
    Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints (RFC 4255) (18399 bytes)
    The Secure Shell (SSH) Connection Protocol (RFC 4254) (50338 bytes)
    The Secure Shell (SSH) Transport Layer Protocol (RFC 4253) (68263 bytes)
    The Secure Shell (SSH) Authentication Protocol (RFC 4252) (34268 bytes)
    The Secure Shell (SSH) Protocol Architecture (RFC 4251) (71750 bytes)
    The Secure Shell (SSH) Transport Layer Encryption Modes (RFC 4344) (27521 bytes)
    Secure Shell (SSH) Session Channel Break Extension (RFC 4335) (11370 bytes)
    Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol (RFC 4419) (18356 bytes)
    Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell Protocol (RFC 4462) (65280 bytes)
    The Secure Shell (SSH) Public Key File Format (RFC 4716) (18395 bytes)
    Secure Shell Public-Key Subsystem (RFC 4819) (32794 bytes)
    IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.

    Return to working group directory.

    Return to IETF home page.