draft-ietf-secsh-connect-15.txt   draft-ietf-secsh-connect-16.txt 
Network Working Group T. Ylonen Network Working Group T. Ylonen
Internet-Draft T. Kivinen Internet-Draft T. Kivinen
Expires: August 1, 2002 SSH Communications Security Corp Expires: March 21, 2003 SSH Communications Security Corp
M. Saarinen M. Saarinen
University of Jyvaskyla University of Jyvaskyla
T. Rinne T. Rinne
S. Lehtinen S. Lehtinen
SSH Communications Security Corp SSH Communications Security Corp
January 31, 2002 September 20, 2002
SSH Connection Protocol SSH Connection Protocol
draft-ietf-secsh-connect-15.txt draft-ietf-secsh-connect-16.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 37 skipping to change at page 1, line 37
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 1, 2002. This Internet-Draft will expire on March 21, 2003.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved. Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract Abstract
SSH is a protocol for secure remote login and other secure network SSH is a protocol for secure remote login and other secure network
services over an insecure network. services over an insecure network.
skipping to change at page 2, line 37 skipping to change at page 2, line 37
4.7 Window Dimension Change Message . . . . . . . . . . . . . . 11 4.7 Window Dimension Change Message . . . . . . . . . . . . . . 11
4.8 Local Flow Control . . . . . . . . . . . . . . . . . . . . . 11 4.8 Local Flow Control . . . . . . . . . . . . . . . . . . . . . 11
4.9 Signals . . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.9 Signals . . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.10 Returning Exit Status . . . . . . . . . . . . . . . . . . . 12 4.10 Returning Exit Status . . . . . . . . . . . . . . . . . . . 12
5. TCP/IP Port Forwarding . . . . . . . . . . . . . . . . . . . 13 5. TCP/IP Port Forwarding . . . . . . . . . . . . . . . . . . . 13
5.1 Requesting Port Forwarding . . . . . . . . . . . . . . . . . 13 5.1 Requesting Port Forwarding . . . . . . . . . . . . . . . . . 13
5.2 TCP/IP Forwarding Channels . . . . . . . . . . . . . . . . . 14 5.2 TCP/IP Forwarding Channels . . . . . . . . . . . . . . . . . 14
6. Encoding of Terminal Modes . . . . . . . . . . . . . . . . . 16 6. Encoding of Terminal Modes . . . . . . . . . . . . . . . . . 16
7. Summary of Message Numbers . . . . . . . . . . . . . . . . . 17 7. Summary of Message Numbers . . . . . . . . . . . . . . . . . 17
8. Security Considerations . . . . . . . . . . . . . . . . . . 18 8. Security Considerations . . . . . . . . . . . . . . . . . . 18
9. Trademark Issues . . . . . . . . . . . . . . . . . . . . . . 19 9. Intellectual Property . . . . . . . . . . . . . . . . . . . 19
10. Additional Information . . . . . . . . . . . . . . . . . . . 19 10. Additional Information . . . . . . . . . . . . . . . . . . . 19
References . . . . . . . . . . . . . . . . . . . . . . . . . 19 References . . . . . . . . . . . . . . . . . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 20
Full Copyright Statement . . . . . . . . . . . . . . . . . . 21 Full Copyright Statement . . . . . . . . . . . . . . . . . . 22
1. Introduction 1. Introduction
The SSH Connection Protocol has been designed to run on top of the The SSH Connection Protocol has been designed to run on top of the
SSH transport layer and user authentication protocols. It provides SSH transport layer and user authentication protocols. It provides
interactive login sessions, remote execution of commands, forwarded interactive login sessions, remote execution of commands, forwarded
TCP/IP connections, and forwarded X11 connections. The service name TCP/IP connections, and forwarded X11 connections. The service name
for this protocol (after user authentication) is "ssh-connection". for this protocol (after user authentication) is "ssh-connection".
This document should be read only after reading the SSH architecture This document should be read only after reading the SSH architecture
skipping to change at page 19, line 5 skipping to change at page 19, line 5
control over what can be forwarded. Administrators should be able to control over what can be forwarded. Administrators should be able to
deny forwardings where appropriate. deny forwardings where appropriate.
Since this protocol normally runs inside an encrypted tunnel, Since this protocol normally runs inside an encrypted tunnel,
firewalls will not be able to examine the traffic. firewalls will not be able to examine the traffic.
It is RECOMMENDED that implementations disable all the potentially It is RECOMMENDED that implementations disable all the potentially
dangerous features (e.g. agent forwarding, X11 forwarding, and dangerous features (e.g. agent forwarding, X11 forwarding, and
TCP/IP forwarding) if the host key has changed. TCP/IP forwarding) if the host key has changed.
9. Trademark Issues 9. Intellectual Property
As of this writing, SSH Communications Security Oy claims ssh as its The IETF takes no position regarding the validity or scope of any
trademark. As with all IPR claims the IETF takes no position intellectual property or other rights that might be claimed to
regarding the validity or scope of this trademark claim. pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementers or users of this specification can
be obtained from the IETF Secretariat.
The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this
document. For more information consult the online list of claimed
rights.
10. Additional Information 10. Additional Information
The current document editor is: Darren.Moffat@Sun.COM. Comments on The current document editor is: Darren.Moffat@Sun.COM. Comments on
this internet draft should be sent to the IETF SECSH working group, this internet draft should be sent to the IETF SECSH working group,
details at: http://ietf.org/html.charters/secsh-charter.html details at: http://ietf.org/html.charters/secsh-charter.html
References References
[RFC1766] Alvestrand, H., "Tags for the Identification of [RFC1766] Alvestrand, H., "Tags for the Identification of
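Review bot: The new section 9 ends with "For more information consult the online list of claimed rights" but gives no location for that list; add the URL or a reference so the pointer can be followed. The replaced text named the specific claim (SSH Communications Security Oy claiming ssh as its trademark), while the new text only says the IETF "has been notified of intellectual property rights claimed", so a reader can no longer tell from the document what is being claimed; consider keeping one sentence that identifies the claim.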
skipping to change at page 19, line 39 skipping to change at page 20, line 6
Reference to Xlib, X Protocol, Icccm, Xlfd, 3rd Reference to Xlib, X Protocol, Icccm, Xlfd, 3rd
edition.", Digital Press ISBN 1555580882, Feburary edition.", Digital Press ISBN 1555580882, Feburary
1992. 1992.
[POSIX] ISO/IEC, 9945-1., "Information technology -- Portable [POSIX] ISO/IEC, 9945-1., "Information technology -- Portable
Operating System Interface (POSIX)-Part 1: System Operating System Interface (POSIX)-Part 1: System
Application Program Interface (API) C Language", Application Program Interface (API) C Language",
ANSI/IEE Std 1003.1, July 1996. ANSI/IEE Std 1003.1, July 1996.
[SSH-ARCH] Ylonen, T., "SSH Protocol Architecture", I-D draft- [SSH-ARCH] Ylonen, T., "SSH Protocol Architecture", I-D draft-
ietf-architecture-12.txt, July 2001. ietf-architecture-13.txt, September 2002.
[SSH-TRANS] Ylonen, T., "SSH Transport Layer Protocol", I-D [SSH-TRANS] Ylonen, T., "SSH Transport Layer Protocol", I-D
draft-ietf-transport-12.txt, July 2001. draft-ietf-transport-15.txt, September 2002.
[SSH-USERAUTH] Ylonen, T., "SSH Authentication Protocol", I-D draft- [SSH-USERAUTH] Ylonen, T., "SSH Authentication Protocol", I-D draft-
ietf-userauth-14.txt, July 2001. ietf-userauth-16.txt, September 2002.
[SSH-CONNECT] Ylonen, T., "SSH Connection Protocol", I-D draft- [SSH-CONNECT] Ylonen, T., "SSH Connection Protocol", I-D draft-
ietf-connect-15.txt, July 2001. ietf-connect-16.txt, September 2002.
Authors' Addresses Authors' Addresses
Tatu Ylonen Tatu Ylonen
SSH Communications Security Corp SSH Communications Security Corp
Fredrikinkatu 42 Fredrikinkatu 42
HELSINKI FIN-00100 HELSINKI FIN-00100
Finland Finland
EMail: ylo@ssh.com EMail: ylo@ssh.com
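Review bot: The updated [SSH-CONNECT] entry names "ietf-connect-16.txt" after the "draft-" prefix, which does not match this document's own filename in the header, draft-ietf-secsh-connect-16.txt. The [SSH-ARCH], [SSH-TRANS] and [SSH-USERAUTH] entries omit "secsh" in the same way and should be checked against the actual draft filenames before publication. The unchanged context in this hunk also carries "Feburary" and "ANSI/IEE", which look like typos for "February" and "ANSI/IEEE" and could be fixed in the same revision.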
