1. Introduction

   Secure Shell (SSH) is a protocol for secure remote login and other
   secure network services over an insecure network.  Secure Shell
   defines a user authentication mechanism that is based on public keys,
   but does not define any mechanism for key distribution.  Common
   practice is to authenticate once with password authentication and
   transfer the public key to the server.  However, to date no two
   implementations use the same mechanism to configure a public key for
   use.

   This document describes a subsystem that can be used to configure
   public keys in an implementation-independent fashion.  This approach
   allows client software to take on the burden of this configuration.
   The Public Key Subsystem protocol is designed for extreme simplicity
   in implementation.  It is not intended as a Public Key Infrastructure
   for X.509 Certificates (PKIX) replacement.

   The Secure Shell Public Key Subsystem has been designed to run on top
   of the Secure Shell transport layer [2] and user authentication
   protocols [3].  It provides a simple mechanism for the client to
   manage public keys on the server.

   This document should be read only after reading the Secure Shell
   architecture [1] and Secure Shell connection [4] documents.

   This protocol is intended to be used from the Secure Shell Connection
   Protocol [4] as a subsystem, as described in the section "Starting a
   Shell or a Command".  The subsystem name used with this protocol is
   "publickey".

   This protocol requires that the user be able to authenticate in some
   fashion before it can be used.  If password authentication is used,
   servers SHOULD provide a configuration option to disable the use of
   password authentication after the first public key is added.