OpenSSH implements the following specifications.
| RFC4250 | SSH Protocol Assigned Numbers | |
| RFC4251 | SSH Protocol Architecture | |
| RFC4252 | (e) | SSH Authentication Protocol |
| RFC4253 | (e) | SSH Transport Layer Protocol |
| RFC4254 | (e) | SSH Connection Protocol |
| RFC4255 | (e) | Using DNS to Securely Publish SSH Key Fingerprints (SSHFP) |
| RFC4256 | (e) | Generic Message Exchange Authentication (aka "keyboard-interactive") |
| RFC4335 | (e) | SSH Session Channel Break Extension |
| RFC4344 | SSH Transport Layer Encryption Modes | |
| RFC4345 | (e) | Improved Arcfour Modes for the SSH Transport Layer Protocol |
| RFC4419 | Diffie-Hellman Group Exchange | |
| RFC4462 | (e) | GSS-API Authentication and Key Exchange (only authentication implemented) |
| RFC4716 | SSH Public Key File Format (import and export via ssh-keygen only). | |
| RFC5656 | (e) | Elliptic Curve Algorithm Integration in SSH |
| RFC6594 | (e) | SHA-256 SSHFP Resource Records (new in OpenSSH 6.1). |
| RFC6668 | SHA-2 Data Integrity Algorithms (new in OpenSSH 5.9) | |
| RFC7479 | (e) | ED25519 SSHFP Resource Records (new in OpenSSH 6.5). |
| RFC8160 | IUTF8 Terminal Mode (new in OpenSSH 7.3). |
| draft-ietf-secsh-filexfer-02 | SSH File Transfer Protocol version 3 |
| draft-rsa-dsa-sha2-256-03 | RSA Keys with SHA-2 256 and 512 (new in OpenSSH 7.2). |
| draft-ssh-ext-info-04 | Extension Negotiation (ext-info-s and ext-info-c, new in OpenSSH 7.2). |
| draft-ietf-curdle-ssh-kex-sha2-03 | Key Exchange (KEX) Method Updates and Recommendations (new in OpenSSH 7.3). |
| PROTOCOL | An overview of all vendor extensions detailed below, and the
specifications of the SSH2 extensions eow@openssh.com,
no-more-sessions@openssh.com, tun@openssh.com
and the sftp extensions posix-rename@openssh.com
statvfs@openssh.com, fstatvfs@openssh.com
|
| draft-miller-ssh-agent-00 | ssh-agent protocol (auth-agent@openssh.com)
|
| PROTOCOL.certkeys | ssh-rsa-cert-v00@openssh.com,
ssh-dsa-cert-v00@openssh.com,
ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com : new public
key algorithms supporting certificates.
|
| PROTOCOL.chacha20poly1305 | chacha20-poly1305@openssh.com authenticated encryption mode.
|
| PROTOCOL.key | OpenSSH private key format (openssh-key-v1).
|
| PROTOCOL.krl | Key Revocation Lists for OpenSSH keys and certificates. |
| PROTOCOL.mux | Multiplexing protocol used by ssh(1) ControlMaster connection-sharing. |
| draft-miller-secsh-umac-01 | umac-64@openssh.com: a new transport-layer MAC.
|
| draft-miller-secsh-compression-delayed-00 | zlib@openssh.com: Delayed compression until
after authentication.
|
| curve25519-sha256@libssh.org | curve25519-sha256@libssh.org key exchange method.
|
| socks4.protocol | SOCKS protocol version 4. Used for ssh(1) DynamicForward.
|
| socks4a.protocol | SOCKS protocol version 4a. Used for ssh(1) DynamicForward.
|
| RFC1928 | SOCKS protocol version 5. Used for ssh(1) DynamicForward.
|
| RFC1349 RFC2597 RFC2598 | IP Type of Service (ToS) and Differentiated Services.
ssh and sshd will automatically set the ToS as per rfc1349
unless specified otherwise via the IPQoS keyword in
ssh_config and sshd_config.
|