RFC 4819
Secure Shell Public Key Subsystem, March 2007
- File formats:
- Status:
- PROPOSED STANDARD
- Updated by:
- RFC 9519
- Authors:
- J. Galbraith
J. Van Dyke
J. Bright - Stream:
- IETF
- Source:
- secsh (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC4819
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 4819
Abstract
Secure Shell defines a user authentication mechanism that is based on public keys, but does not define any mechanism for key distribution. No common key management solution exists in current implementations. This document describes a protocol that can be used to configure public keys in an implementation-independent fashion, allowing client software to take on the burden of this configuration.
The Public Key Subsystem provides a server-independent mechanism for clients to add public keys, remove public keys, and list the current public keys known by the server. Rights to manage public keys are specific and limited to the authenticated user.
A public key may also be associated with various restrictions, including a mandatory command or subsystem. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.