P6R's Secure Shell Public Key Subsystem
2013
The Secure Shell (SSH) Public Key Subsystem protocol defines a key
distribution protocol that is limited to provisioning an SSH server
with a user's public keys. This document describes a new protocol
that builds on the protocol defined in RFC 4819 to allow the
provisioning of keys and certificates to a server using the SSH
transport. The new protocol allows the calling client to organize
keys and certificates in different namespaces on a server. These
namespaces can be used by the server to allow a client to configure
any application running on the server (e.g., SSH, Key Management
Interoperability Protocol (KMIP), Simple Network Management Protocol
(SNMP)). The new protocol provides a server-independent mechanism for
clients to add public keys, remove public keys, add certificates,
remove certificates, and list the current set of keys and certificates
known by the server by namespace (e.g., list all public keys in the
SSH namespace). Rights to manage keys and certificates in a
particular namespace are specific and limited to the authorized user
and are defined as part of the server's implementation. The
described protocol is backward compatible with version 2 as defined by
RFC 4819.