Diff: draft-ietf-secsh-userauth-26.txt - draft-ietf-secsh-userauth-27.txt

	< draft-ietf-secsh-userauth-26.txt	draft-ietf-secsh-userauth-27.txt >


	Network Working Group C. Lonvick, Ed.	Network Working Group T. Ylonen
	Internet-Draft Cisco Systems, Inc.	Internet-Draft SSH Communications Security Corp
	Expires: August 21, 2005 February 17, 2005	Expires: September 15, 2005 C. Lonvick, Ed.
		Cisco Systems, Inc.
		March 14, 2005

	SSH Authentication Protocol	SSH Authentication Protocol

	draft-ietf-secsh-userauth-26.txt	draft-ietf-secsh-userauth-27.txt

	Status of this Memo	Status of this Memo

	This document is an Internet-Draft and is subject to all provisions	This document is an Internet-Draft and is subject to all provisions
	of Section 3 of RFC 3667. By submitting this Internet-Draft, each	of Section 3 of RFC 3667. By submitting this Internet-Draft, each
	author represents that any applicable patent or other IPR claims of	author represents that any applicable patent or other IPR claims of
	which he or she is aware have been or will be disclosed, and any of	which he or she is aware have been or will be disclosed, and any of
	which he or she become aware will be disclosed, in accordance with	which he or she become aware will be disclosed, in accordance with
	RFC 3668.	RFC 3668.


	skipping to change at page 1, line 35 ¶	skipping to change at page 1, line 37 ¶
	and may be updated, replaced, or obsoleted by other documents at any	and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference	time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."	material or to cite them other than as "work in progress."

	The list of current Internet-Drafts can be accessed at	The list of current Internet-Drafts can be accessed at
	http://www.ietf.org/ietf/1id-abstracts.txt.	http://www.ietf.org/ietf/1id-abstracts.txt.

	The list of Internet-Draft Shadow Directories can be accessed at	The list of Internet-Draft Shadow Directories can be accessed at
	http://www.ietf.org/shadow.html.	http://www.ietf.org/shadow.html.


	This Internet-Draft will expire on August 21, 2005.	This Internet-Draft will expire on September 15, 2005.

	Copyright Notice	Copyright Notice

	Copyright (C) The Internet Society (2005).	Copyright (C) The Internet Society (2005).

	Abstract	Abstract

	SSH is a protocol for secure remote login and other secure network	SSH is a protocol for secure remote login and other secure network
	services over an insecure network. This document describes the SSH	services over an insecure network. This document describes the SSH
	authentication protocol framework and public key, password, and	authentication protocol framework and public key, password, and

	skipping to change at page 2, line 25 ¶	skipping to change at page 2, line 27 ¶
	5.4 Banner Message . . . . . . . . . . . . . . . . . . . . . . 7	5.4 Banner Message . . . . . . . . . . . . . . . . . . . . . . 7
	6. Authentication Protocol Message Numbers . . . . . . . . . . 8	6. Authentication Protocol Message Numbers . . . . . . . . . . 8
	7. Public Key Authentication Method: publickey . . . . . . . . 8	7. Public Key Authentication Method: publickey . . . . . . . . 8
	8. Password Authentication Method: password . . . . . . . . . . 10	8. Password Authentication Method: password . . . . . . . . . . 10
	9. Host-Based Authentication: hostbased . . . . . . . . . . . . 12	9. Host-Based Authentication: hostbased . . . . . . . . . . . . 12
	10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 13	10. IANA Considerations . . . . . . . . . . . . . . . . . . . . 13
	11. Security Considerations . . . . . . . . . . . . . . . . . . 14	11. Security Considerations . . . . . . . . . . . . . . . . . . 14
	12. References . . . . . . . . . . . . . . . . . . . . . . . . . 14	12. References . . . . . . . . . . . . . . . . . . . . . . . . . 14
	12.1 Normative . . . . . . . . . . . . . . . . . . . . . . . 14	12.1 Normative . . . . . . . . . . . . . . . . . . . . . . . 14
	12.2 Informative . . . . . . . . . . . . . . . . . . . . . . 15	12.2 Informative . . . . . . . . . . . . . . . . . . . . . . 15

	Author's Address . . . . . . . . . . . . . . . . . . . . . . 15	Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 15
		A. Trademark Notice . . . . . . . . . . . . . . . . . . . . . . 15
	Intellectual Property and Copyright Statements . . . . . . . 16	Intellectual Property and Copyright Statements . . . . . . . 16

	1. Contributors	1. Contributors

	The major original contributors of this set of documents have been:	The major original contributors of this set of documents have been:
	Tatu Ylonen, Tero Kivinen, Timo J. Rinne, Sami Lehtinen (all of SSH	Tatu Ylonen, Tero Kivinen, Timo J. Rinne, Sami Lehtinen (all of SSH
	Communications Security Corp), and Markku-Juhani O. Saarinen	Communications Security Corp), and Markku-Juhani O. Saarinen
	(University of Jyvaskyla). Darren Moffit was the original editor of	(University of Jyvaskyla). Darren Moffit was the original editor of
	this set of documents and also made very substantial contributions.	this set of documents and also made very substantial contributions.


	Additional contributors to this document include [need list].	Many people contributed to the development of this document over the
	Listing their names here does not mean that they endorse this	years. People who should be acknowledged include Mats Andersson, Ben
	document, but that they have contributed to it.	Harris, Brent McClure, Niels Moller, Damien Miller, Derek Fawcus,
		Frank Cusack, Heikki Nousiainen, Jakob Schlyter, Jeff Van Dyke,
	Comments on this internet draft should be sent to the IETF SECSH	Jeffrey Altman, Jeffrey Hutzelman, Jon Bright, Joseph Galbraith, Ken
	working group, details at:	Hornstein, Markus Friedl, Martin Forssen, Nicolas Williams, Niels
	http://ietf.org/html.charters/secsh-charter.html Note: This paragraph	Provos, Perry Metzger, Peter Gutmann, Simon Josefsson, Simon Tatham,
	will be removed before this document progresses to become an RFC.	Wei Dai, Denis Bider, der Mouse, and Tadayoshi Kohno. Listing their
		names here does not mean that they endorse this document, but that
		they have contributed to it.

	2. Introduction	2. Introduction

	The SSH authentication protocol is a general-purpose user	The SSH authentication protocol is a general-purpose user
	authentication protocol. It is intended to be run over the SSH	authentication protocol. It is intended to be run over the SSH
	transport layer protocol [SSH-TRANS]. This protocol assumes that the	transport layer protocol [SSH-TRANS]. This protocol assumes that the
	underlying protocols provide integrity and confidentiality	underlying protocols provide integrity and confidentiality
	protection.	protection.

	This document should be read only after reading the SSH architecture	This document should be read only after reading the SSH architecture

	skipping to change at page 14, line 24 ¶	skipping to change at page 14, line 24 ¶

	Full security considerations for this protocol are provided in	Full security considerations for this protocol are provided in
	[SSH-ARCH].	[SSH-ARCH].

	12. References	12. References

	12.1 Normative	12.1 Normative

	[SSH-ARCH]	[SSH-ARCH]
	Lonvick, C., "SSH Protocol Architecture",	Lonvick, C., "SSH Protocol Architecture",

	I-D draft-ietf-secsh-architecture-21.txt, February 2005.	I-D draft-ietf-secsh-architecture-22.txt, March 2005.

	[SSH-CONNECT]	[SSH-CONNECT]
	Lonvick, C., "SSH Connection Protocol",	Lonvick, C., "SSH Connection Protocol",

	I-D draft-ietf-secsh-connect-24.txt, February 2005.	I-D draft-ietf-secsh-connect-25.txt, March 2005.

	[SSH-TRANS]	[SSH-TRANS]
	Lonvick, C., "SSH Transport Layer Protocol",	Lonvick, C., "SSH Transport Layer Protocol",

	I-D draft-ietf-secsh-transport-23.txt, February 2005.	I-D draft-ietf-secsh-transport-24.txt, March 2005.

	[SSH-NUMBERS]	[SSH-NUMBERS]
	Lonvick, C., "SSH Protocol Assigned Numbers",	Lonvick, C., "SSH Protocol Assigned Numbers",

	I-D draft-ietf-secsh-assignednumbers-11.txt, February	I-D draft-ietf-secsh-assignednumbers-12.txt, March 2005.
	2005.

	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
	Requirement Levels", BCP 14, RFC 2119, March 1997.	Requirement Levels", BCP 14, RFC 2119, March 1997.

	[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an	[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
	IANA Considerations Section in RFCs", BCP 26, RFC 2434,	IANA Considerations Section in RFCs", BCP 26, RFC 2434,
	October 1998.	October 1998.

	[RFC3066] Alvestrand, H., "Tags for the Identification of	[RFC3066] Alvestrand, H., "Tags for the Identification of
	Languages", BCP 47, RFC 3066, January 2001.	Languages", BCP 47, RFC 3066, January 2001.

	skipping to change at page 15, line 15 ¶	skipping to change at page 15, line 14 ¶
	and passwords",	and passwords",
	Internet-Draft draft-ietf-sasl-saslprep-10, July 2004.	Internet-Draft draft-ietf-sasl-saslprep-10, July 2004.

	12.2 Informative	12.2 Informative

	[ssh-1.2.30]	[ssh-1.2.30]
	Ylonen, T., "ssh-1.2.30/RFC", File within compressed	Ylonen, T., "ssh-1.2.30/RFC", File within compressed
	tarball ftp://ftp.funet.fi/pub/unix/security/login/ssh/	tarball ftp://ftp.funet.fi/pub/unix/security/login/ssh/
	ssh-1.2.30.tar.gz, November 1995.	ssh-1.2.30.tar.gz, November 1995.


	Author's Address	Authors' Addresses

		Tatu Ylonen
		SSH Communications Security Corp
		Fredrikinkatu 42
		HELSINKI FIN-00100
		Finland

		Email: ylo@ssh.com

	Chris Lonvick (editor)	Chris Lonvick (editor)
	Cisco Systems, Inc.	Cisco Systems, Inc.
	12515 Research Blvd.	12515 Research Blvd.
	Austin 78759	Austin 78759
	USA	USA

	Email: clonvick@cisco.com	Email: clonvick@cisco.com


		Appendix A. Trademark Notice

		"ssh" is a registered trademark in the United States and/or other
		countries.

		Note to the RFC Editor: This should be a separate section like the
		subsequent ones, and not an appendix. This paragraph to be removed
		before publication.

	Intellectual Property Statement	Intellectual Property Statement

	The IETF takes no position regarding the validity or scope of any	The IETF takes no position regarding the validity or scope of any
	Intellectual Property Rights or other rights that might be claimed to	Intellectual Property Rights or other rights that might be claimed to
	pertain to the implementation or use of the technology described in	pertain to the implementation or use of the technology described in
	this document or the extent to which any license under such rights	this document or the extent to which any license under such rights
	might or might not be available; nor does it represent that it has	might or might not be available; nor does it represent that it has
	made any independent effort to identify any such rights. Information	made any independent effort to identify any such rights. Information
	on the procedures with respect to rights in RFC documents can be	on the procedures with respect to rights in RFC documents can be
	found in BCP 78 and BCP 79.	found in BCP 78 and BCP 79.

End of changes. 11 change blocks.
	20 lines changed or deleted	41 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/