RFC - 4819
Secure Shell Public Key Subsystem
| Original: | ftp://ftp.isi.edu/in-notes/rfc4819.txt |
|---|---|
| Authors: | J. Galbraith [VanDyke Software], J. Van Dyke [VanDyke Software], J. Bright [Silicon Circus] |
| Date: | March 2007 |
| Category: | Proposed Standard |
| Referred by: | 0 RFC |
| Refers to: | 11 RFC |
Status
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
Secure Shell defines a user authentication mechanism that is based on public keys, but does not define any mechanism for key distribution. No common key management solution exists in current implementations. This document describes a protocol that can be used to configure public keys in an implementation-independent fashion, allowing client software to take on the burden of this configuration.
The Public Key Subsystem provides a server-independent mechanism for clients to add public keys, remove public keys, and list the current public keys known by the server. Rights to manage public keys are specific and limited to the authenticated user.
A public key may also be associated with various restrictions, including a mandatory command or subsystem.
-
prepared by Miloslav Nic
- the founder of Zvon.org and Law-Ref.org
- the head of B.Sc. program Informatics and chemistry [in Czech]
- the founder of Lidem.org - Volby 2006 - parliamentary elections in the Czech Republic [in Czech]
- the chief consultant of the publishing house ICT Press
- and Pavel Srb, a student of B.Sc. program Informatics and chemistry