{"draft":"draft-ietf-secsh-gsskeyex-10","doc_id":"RFC4462","title":"Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol","authors":["J. Hutzelman","J. Salowey","J. Galbraith","V. Welch"],"format":["ASCII","HTML"],"page_count":"29","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Secure Shell","abstract":"The Secure Shell protocol (SSH) is a protocol for secure remote login\r\nand other secure network services over an insecure network.\r\n\r\nThe Generic Security Service Application Program Interface (GSS-API)\r\nprovides security services to callers in a mechanism-independent\r\nfashion.\r\n\r\nThis memo describes methods for using the GSS-API for authentication\r\nand key exchange in SSH.  It defines an SSH user authentication\r\nmethod that uses a specified GSS-API mechanism to authenticate a user,\r\nand a family of SSH key exchange methods that use GSS-API to\r\nauthenticate a Diffie-Hellman key exchange.\r\n\r\nThis memo also defines a new host public key algorithm that can be\r\nused when no operations are needed using a host's public key, and a\r\nnew user authentication method that allows an authorization name to\r\nbe used in conjunction with any authentication that has already\r\noccurred as a side-effect of GSS-API-based key exchange.  [STANDARDS-TRACK]","pub_date":"May 2006","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":["RFC8732","RFC9142"],"see_also":[],"doi":"10.17487\/RFC4462","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc4462"}