Documented in the RFC file from the SSH1 distribution, this version of the protocol is mostly obsolete and abandoned.

The SSH-2 protocol is described in five main documents. Architecture describes the overall design of SSH-2. Transport provides a single, full-duplex, byte-oriented connection between client and server, with privacy, integrity, server authentication, and man-in-the-middle protection. Authentication identifies the client to the server. Connection provides richer, application-support services over the transport pipe, such as channel multiplexing, flow control, remote program execution, signal propagation, connection forwarding, etc. Finally, the Assigned Numbers document gathers together and lists various constant assignments made in the other documents.

• SSH Assigned Numbers (RFC 4250)
• SSH Protocol Architecture (RFC 4251)
• SSH Authentication Protocol (RFC 4252)
• SSH Transport Layer Protocol (RFC 4253)
• SSH Connection Protocol (RFC 4254)

Other RFCs

These establish various extensions to the core SSH protocols, or related mechanisms.

• Using DNS to Securely Publish Secure Shell Key Fingerprints (RFC 4255)
  

  Documents a method of storing SSH hostkey fingerprints in the DNS. This is implemented by the

  VerifyHostKeyDNS

  option to the OpenSSH client. Extended by RFC 6594 to cover elliptic-curve hostkeys and SHA-2.

• Generic Message Exchange Authentication for the Secure Shell Protocol (SSH) (RFC 4256)
  

  Documents the

  keyboard-interactive

  userauth method, which allows for any number of server prompts and client responses as part of client authentication. This can accommodate challenge-response schemes such as one-time passwords, and is often implemented on Unix via PAM.

• The Secure Shell Transport Layer Encryption Modes (RFC 4344)

  This document describes new symmetric encryption methods for the SSH Transport Protocol and gives specific recommendations on how frequently SSH implementations should rekey, in response to SSH protocol vulnerabilities reported by Bellare, Kohno, and Namprempre.

• Diffie-Hellman Group Exchange (Friedl, Provos & Simpson) (RFC 4419)

  The original key agreement methods defined in the transport protocol use fixed, well-known groups for the Diffie-Hellman algorithm. This method allows a server to use a set of locally configured groups, and the client to request a preferred group size.

• RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol (RFC 4432)

  This memo describes a key-exchange method for the Secure Shell (SSH) protocol based on Rivest-Shamir-Adleman (RSA) public-key encryption. It uses much less client CPU time than the Diffie-Hellman algorithm specified as part of the core protocol, and hence is particularly suitable for slow client systems.

• GSSAPI Authentication and Key Exchange for SSH (RFC 4462)

  Describes methods for using the GSS-API for authentication and key exchange in SSH. It defines an SSH user authentication method that uses a specified GSS-API mechanism to authenticate a user, and a family of SSH key exchange methods that use GSS-API to authenticate a Diffie-Hellman key exchange. This typically uses Kerberos to provide single-signon, as well as automatic server authentication without hostkeys.

• The Secure Shell Public Key File Format (RFC 4716)

  Documents the public-key file format in use by several SSH implementations.

• Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer (RFC 5656)

  This document describes algorithms based on Elliptic Curve Cryptography (ECC) for use within the Secure Shell (SSH) transport protocol. In particular, it specifies Elliptic Curve Diffie-Hellman (ECDH) key agreement, Elliptic Curve Menezes-Qu-Vanstone (ECMQV) key agreement, and Elliptic Curve Digital Signature Algorithm (ECDSA) for use in the SSH Transport Layer protocol.

• Suite B Cryptographic Suites for Secure Shell (RFC 6239)
  
• Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP Resource Records (RFC 6594)

  Updates RFC 4255, which defines a method for storing SSH hostkey fingerprints in the DNS. This document adds support for elliptic-curve hostkeys (ECDSA), as well as the SHA-2 hash algorithm.

• SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol (RFC 6668)

  This memo defines algorithm names and parameters for use in some of the SHA-2 family of secure hash algorithms for data integrity verification in the Secure Shell (SSH) protocol. It also updates RFC 4253 by specifying a new RECOMMENDED data integrity algorithm.

• SSH File Transfer Protocol (Ylonen & Lehtinen)

  The Secure Shell File Transfer Protocol provides secure file transfer functionality over any reliable data stream. It is the standard file transfer protocol for use with the Secure Shell Remote Login Protocol. This document describes the file transfer protocol and its interface to the Secure Shell protocol suite.

• X.509 authentication in SSH2 (Galbraith & Saarenmaa) (Internet-Draft)

  Specifies how X.509 certificates, keys and signatures are used within the SSH2 protocol.

• Secure Shell Public Key Channel (Galbraith & Van Dyke)
  

  Protocol to run inside an SSH-TRANS channel, for configuring public-key authorization data for a remote account. This addresses the problem of multiplying implementation-specific methods for doing this (e.g. files

  authorized_keys

  ,

  authorization

  ,

  authorized_keys2

  , differing key storage formats, etc.).