aboutsummaryrefslogtreecommitdiff
path: root/doc/draft-ietf-secsh-connect-17.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/draft-ietf-secsh-connect-17.txt')
-rw-r--r--doc/draft-ietf-secsh-connect-17.txt1232
1 files changed, 1232 insertions, 0 deletions
diff --git a/doc/draft-ietf-secsh-connect-17.txt b/doc/draft-ietf-secsh-connect-17.txt
new file mode 100644
index 00000000..5a8a43e0
--- /dev/null
+++ b/doc/draft-ietf-secsh-connect-17.txt
@@ -0,0 +1,1232 @@
+
+
+Network Working Group T. Ylonen
+Internet-Draft T. Kivinen
+Expires: January 12, 2004 SSH Communications Security Corp
+ M. Saarinen
+ University of Jyvaskyla
+ T. Rinne
+ S. Lehtinen
+ SSH Communications Security Corp
+ July 14, 2003
+
+
+ SSH Connection Protocol
+ draft-ietf-secsh-connect-17.txt
+
+Status of this Memo
+
+ This document is an Internet-Draft and is in full conformance with
+ all provisions of Section 10 of RFC2026.
+
+ Internet-Drafts are working documents of the Internet Engineering
+ Task Force (IETF), its areas, and its working groups. Note that
+ other groups may also distribute working documents as Internet-
+ Drafts.
+
+ Internet-Drafts are draft documents valid for a maximum of six
+ months and may be updated, replaced, or obsoleted by other
+ documents at any time. It is inappropriate to use Internet-Drafts
+ as reference material or to cite them other than as "work in
+ progress."
+
+ The list of current Internet-Drafts can be accessed at
+ http://www.ietf.org/ietf/1id-abstracts.txt.
+
+ The list of Internet-Draft Shadow Directories can be accessed at
+ http://www.ietf.org/shadow.html.
+
+ This Internet-Draft will expire on January 12, 2004.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+Abstract
+
+ SSH is a protocol for secure remote login and other secure network
+ services over an insecure network.
+
+ This document describes the SSH Connection Protocol. It provides
+ interactive login sessions, remote execution of commands,
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 1]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ forwarded TCP/IP connections, and forwarded X11 connections. All
+ of these channels are multiplexed into a single encrypted tunnel.
+
+ The SSH Connection Protocol has been designed to run on top of the
+ SSH transport layer and user authentication protocols.
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
+ 2. Global Requests . . . . . . . . . . . . . . . . . . . . . . 3
+ 3. Channel Mechanism . . . . . . . . . . . . . . . . . . . . . 3
+ 3.1 Opening a Channel . . . . . . . . . . . . . . . . . . . . . 4
+ 3.2 Data Transfer . . . . . . . . . . . . . . . . . . . . . . . 5
+ 3.3 Closing a Channel . . . . . . . . . . . . . . . . . . . . . 6
+ 3.4 Channel-Specific Requests . . . . . . . . . . . . . . . . . 7
+ 4. Interactive Sessions . . . . . . . . . . . . . . . . . . . . 8
+ 4.1 Opening a Session . . . . . . . . . . . . . . . . . . . . . 8
+ 4.2 Requesting a Pseudo-Terminal . . . . . . . . . . . . . . . . 8
+ 4.3 X11 Forwarding . . . . . . . . . . . . . . . . . . . . . . . 9
+ 4.3.1 Requesting X11 Forwarding . . . . . . . . . . . . . . . . . 9
+ 4.3.2 X11 Channels . . . . . . . . . . . . . . . . . . . . . . . . 9
+ 4.4 Environment Variable Passing . . . . . . . . . . . . . . . . 10
+ 4.5 Starting a Shell or a Command . . . . . . . . . . . . . . . 10
+ 4.6 Session Data Transfer . . . . . . . . . . . . . . . . . . . 11
+ 4.7 Window Dimension Change Message . . . . . . . . . . . . . . 11
+ 4.8 Local Flow Control . . . . . . . . . . . . . . . . . . . . . 12
+ 4.9 Signals . . . . . . . . . . . . . . . . . . . . . . . . . . 12
+ 4.10 Returning Exit Status . . . . . . . . . . . . . . . . . . . 12
+ 5. TCP/IP Port Forwarding . . . . . . . . . . . . . . . . . . . 14
+ 5.1 Requesting Port Forwarding . . . . . . . . . . . . . . . . . 14
+ 5.2 TCP/IP Forwarding Channels . . . . . . . . . . . . . . . . . 15
+ 6. Encoding of Terminal Modes . . . . . . . . . . . . . . . . . 16
+ 7. Summary of Message Numbers . . . . . . . . . . . . . . . . . 18
+ 8. Security Considerations . . . . . . . . . . . . . . . . . . 18
+ 9. Intellectual Property . . . . . . . . . . . . . . . . . . . 18
+ 10. Additional Information . . . . . . . . . . . . . . . . . . . 19
+ References . . . . . . . . . . . . . . . . . . . . . . . . . 19
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 20
+ Full Copyright Statement . . . . . . . . . . . . . . . . . . 22
+
+
+
+
+
+
+
+
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 2]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ 1. Introduction
+
+ The SSH Connection Protocol has been designed to run on top of the
+ SSH transport layer and user authentication protocols. It
+ provides interactive login sessions, remote execution of commands,
+ forwarded TCP/IP connections, and forwarded X11 connections. The
+ service name for this protocol (after user authentication) is
+ "ssh-connection".
+
+ This document should be read only after reading the SSH
+ architecture document [SSH-ARCH]. This document freely uses
+ terminology and notation from the architecture document without
+ reference or further explanation.
+
+ 2. Global Requests
+
+ There are several kinds of requests that affect the state of the
+ remote end "globally", independent of any channels. An example is
+ a request to start TCP/IP forwarding for a specific port. All
+ such requests use the following format.
+
+ byte SSH_MSG_GLOBAL_REQUEST
+ string request name (restricted to US-ASCII)
+ boolean want reply
+ ... request-specific data follows
+
+ Request names follow the DNS extensibility naming convention
+ outlined in [SSH-ARCH].
+
+ The recipient will respond to this message with
+ SSH_MSG_REQUEST_SUCCESS or SSH_MSG_REQUEST_FAILURE if `want reply'
+ is TRUE.
+
+ byte SSH_MSG_REQUEST_SUCCESS
+ ..... response specific data
+
+ Usually the response specific data is non-existent.
+
+ If the recipient does not recognize or support the request, it
+ simply responds with SSH_MSG_REQUEST_FAILURE.
+
+ byte SSH_MSG_REQUEST_FAILURE
+
+
+ 3. Channel Mechanism
+
+ All terminal sessions, forwarded connections, etc. are channels.
+ Either side may open a channel. Multiple channels are multiplexed
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 3]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ into a single connection.
+
+ Channels are identified by numbers at each end. The number
+ referring to a channel may be different on each side. Requests to
+ open a channel contain the sender's channel number. Any other
+ channel-related messages contain the recipient's channel number
+ for the channel.
+
+ Channels are flow-controlled. No data may be sent to a channel
+ until a message is received to indicate that window space is
+ available.
+
+ 3.1 Opening a Channel
+
+ When either side wishes to open a new channel, it allocates a
+ local number for the channel. It then sends the following message
+ to the other side, and includes the local channel number and
+ initial window size in the message.
+
+ byte SSH_MSG_CHANNEL_OPEN
+ string channel type (restricted to US-ASCII)
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+ ... channel type specific data follows
+
+ The channel type is a name as described in the SSH architecture
+ document, with similar extension mechanisms. `sender channel' is
+ a local identifier for the channel used by the sender of this
+ message. `initial window size' specifies how many bytes of
+ channel data can be sent to the sender of this message without
+ adjusting the window. `Maximum packet size' specifies the maximum
+ size of an individual data packet that can be sent to the sender
+ (for example, one might want to use smaller packets for
+ interactive connections to get better interactive response on slow
+ links).
+
+ The remote side then decides whether it can open the channel, and
+ responds with either
+
+ byte SSH_MSG_CHANNEL_OPEN_CONFIRMATION
+ uint32 recipient channel
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+ ... channel type specific data follows
+
+ where `recipient channel' is the channel number given in the
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 4]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ original open request, and `sender channel' is the channel number
+ allocated by the other side, or
+
+ byte SSH_MSG_CHANNEL_OPEN_FAILURE
+ uint32 recipient channel
+ uint32 reason code
+ string additional textual information (ISO-10646 UTF-8 [RFC2279])
+ string language tag (as defined in [RFC1766])
+
+ If the recipient of the SSH_MSG_CHANNEL_OPEN message does not
+ support the specified channel type, it simply responds with
+ SSH_MSG_CHANNEL_OPEN_FAILURE. The client MAY show the additional
+ information to the user. If this is done, the client software
+ should take the precautions discussed in [SSH-ARCH].
+
+ The following reason codes are defined:
+
+ #define SSH_OPEN_ADMINISTRATIVELY_PROHIBITED 1
+ #define SSH_OPEN_CONNECT_FAILED 2
+ #define SSH_OPEN_UNKNOWN_CHANNEL_TYPE 3
+ #define SSH_OPEN_RESOURCE_SHORTAGE 4
+
+
+ 3.2 Data Transfer
+
+ The window size specifies how many bytes the other party can send
+ before it must wait for the window to be adjusted. Both parties
+ use the following message to adjust the window.
+
+ byte SSH_MSG_CHANNEL_WINDOW_ADJUST
+ uint32 recipient channel
+ uint32 bytes to add
+
+ After receiving this message, the recipient MAY send the given
+ number of bytes more than it was previously allowed to send; the
+ window size is incremented.
+
+ Data transfer is done with messages of the following type.
+
+ byte SSH_MSG_CHANNEL_DATA
+ uint32 recipient channel
+ string data
+
+ The maximum amount of data allowed is the current window size.
+ The window size is decremented by the amount of data sent. Both
+ parties MAY ignore all extra data sent after the allowed window is
+ empty.
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 5]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ Additionally, some channels can transfer several types of data.
+ An example of this is stderr data from interactive sessions. Such
+ data can be passed with SSH_MSG_CHANNEL_EXTENDED_DATA messages,
+ where a separate integer specifies the type of the data. The
+ available types and their interpretation depend on the type of the
+ channel.
+
+ byte SSH_MSG_CHANNEL_EXTENDED_DATA
+ uint32 recipient_channel
+ uint32 data_type_code
+ string data
+
+ Data sent with these messages consumes the same window as ordinary
+ data.
+
+ Currently, only the following type is defined.
+
+ #define SSH_EXTENDED_DATA_STDERR 1
+
+
+ 3.3 Closing a Channel
+
+ When a party will no longer send more data to a channel, it SHOULD
+ send SSH_MSG_CHANNEL_EOF.
+
+ byte SSH_MSG_CHANNEL_EOF
+ uint32 recipient_channel
+
+ No explicit response is sent to this message; however, the
+ application may send EOF to whatever is at the other end of the
+ channel. Note that the channel remains open after this message,
+ and more data may still be sent in the other direction. This
+ message does not consume window space and can be sent even if no
+ window space is available.
+
+ When either party wishes to terminate the channel, it sends
+ SSH_MSG_CHANNEL_CLOSE. Upon receiving this message, a party MUST
+ send back a SSH_MSG_CHANNEL_CLOSE unless it has already sent this
+ message for the channel. The channel is considered closed for a
+ party when it has both sent and received SSH_MSG_CHANNEL_CLOSE,
+ and the party may then reuse the channel number. A party MAY send
+ SSH_MSG_CHANNEL_CLOSE without having sent or received
+ SSH_MSG_CHANNEL_EOF.
+
+ byte SSH_MSG_CHANNEL_CLOSE
+ uint32 recipient_channel
+
+ This message does not consume window space and can be sent even if
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 6]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ no window space is available.
+
+ It is recommended that any data sent before this message is
+ delivered to the actual destination, if possible.
+
+ 3.4 Channel-Specific Requests
+
+ Many channel types have extensions that are specific to that
+ particular channel type. An example is requesting a pty (pseudo
+ terminal) for an interactive session.
+
+ All channel-specific requests use the following format.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string request type (restricted to US-ASCII)
+ boolean want reply
+ ... type-specific data
+
+ If want reply is FALSE, no response will be sent to the request.
+ Otherwise, the recipient responds with either
+ SSH_MSG_CHANNEL_SUCCESS or SSH_MSG_CHANNEL_FAILURE, or request-
+ specific continuation messages. If the request is not recognized
+ or is not supported for the channel, SSH_MSG_CHANNEL_FAILURE is
+ returned.
+
+ This message does not consume window space and can be sent even if
+ no window space is available. Request types are local to each
+ channel type.
+
+ The client is allowed to send further messages without waiting for
+ the response to the request.
+
+ request type names follow the DNS extensibility naming convention
+ outlined in [SSH-ARCH]
+
+ byte SSH_MSG_CHANNEL_SUCCESS
+ uint32 recipient_channel
+
+
+ byte SSH_MSG_CHANNEL_FAILURE
+ uint32 recipient_channel
+
+ These messages do not consume window space and can be sent even if
+ no window space is available.
+
+
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 7]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ 4. Interactive Sessions
+
+ A session is a remote execution of a program. The program may be
+ a shell, an application, a system command, or some built-in
+ subsystem. It may or may not have a tty, and may or may not
+ involve X11 forwarding. Multiple sessions can be active
+ simultaneously.
+
+ 4.1 Opening a Session
+
+ A session is started by sending the following message.
+
+ byte SSH_MSG_CHANNEL_OPEN
+ string "session"
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+
+ Client implementations SHOULD reject any session channel open
+ requests to make it more difficult for a corrupt server to attack
+ the client.
+
+ 4.2 Requesting a Pseudo-Terminal
+
+ A pseudo-terminal can be allocated for the session by sending the
+ following message.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient_channel
+ string "pty-req"
+ boolean want_reply
+ string TERM environment variable value (e.g., vt100)
+ uint32 terminal width, characters (e.g., 80)
+ uint32 terminal height, rows (e.g., 24)
+ uint32 terminal width, pixels (e.g., 640)
+ uint32 terminal height, pixels (e.g., 480)
+ string encoded terminal modes
+
+ The encoding of terminal modes is described in Section Encoding of
+ Terminal Modes (Section 6). Zero dimension parameters MUST be
+ ignored. The character/row dimensions override the pixel
+ dimensions (when nonzero). Pixel dimensions refer to the drawable
+ area of the window.
+
+ The dimension parameters are only informational.
+
+ The client SHOULD ignore pty requests.
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 8]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ 4.3 X11 Forwarding
+
+ 4.3.1 Requesting X11 Forwarding
+
+ X11 forwarding may be requested for a session by sending
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "x11-req"
+ boolean want reply
+ boolean single connection
+ string x11 authentication protocol
+ string x11 authentication cookie
+ uint32 x11 screen number
+
+ It is recommended that the authentication cookie that is sent be a
+ fake, random cookie, and that the cookie is checked and replaced
+ by the real cookie when a connection request is received.
+
+ X11 connection forwarding should stop when the session channel is
+ closed; however, already opened forwardings should not be
+ automatically closed when the session channel is closed.
+
+ If `single connection' is TRUE, only a single connection should be
+ forwarded. No more connections will be forwarded after the first,
+ or after the session channel has been closed.
+
+ The `x11 authentication protocol' is the name of the X11
+ authentication method used, e.g. "MIT-MAGIC-COOKIE-1".
+
+ The x11 authentication cookie MUST be hexadecimal encoded.
+
+ X Protocol is documented in [SCHEIFLER].
+
+ 4.3.2 X11 Channels
+
+ X11 channels are opened with a channel open request. The
+ resulting channels are independent of the session, and closing the
+ session channel does not close the forwarded X11 channels.
+
+ byte SSH_MSG_CHANNEL_OPEN
+ string "x11"
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+ string originator address (e.g. "192.168.7.38")
+ uint32 originator port
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 9]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ The recipient should respond with
+ SSH_MSG_CHANNEL_OPEN_CONFIRMATION or SSH_MSG_CHANNEL_OPEN_FAILURE.
+
+ Implementations MUST reject any X11 channel open requests if they
+ have not requested X11 forwarding.
+
+ 4.4 Environment Variable Passing
+
+ Environment variables may be passed to the shell/command to be
+ started later. Uncontrolled setting of environment variables in a
+ privileged process can be a security hazard. It is recommended
+ that implementations either maintain a list of allowable variable
+ names or only set environment variables after the server process
+ has dropped sufficient privileges.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "env"
+ boolean want reply
+ string variable name
+ string variable value
+
+
+ 4.5 Starting a Shell or a Command
+
+ Once the session has been set up, a program is started at the
+ remote end. The program can be a shell, an application program or
+ a subsystem with a host-independent name. Only one of these
+ requests can succeed per channel.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "shell"
+ boolean want reply
+
+ This message will request the user's default shell (typically
+ defined in /etc/passwd in UNIX systems) to be started at the other
+ end.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "exec"
+ boolean want reply
+ string command
+
+ This message will request the server to start the execution of the
+ given command. The command string may contain a path. Normal
+ precautions MUST be taken to prevent the execution of unauthorized
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 10]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ commands.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "subsystem"
+ boolean want reply
+ string subsystem name
+
+ This last form executes a predefined subsystem. It is expected
+ that these will include a general file transfer mechanism, and
+ possibly other features. Implementations may also allow
+ configuring more such mechanisms. As the user's shell is usually
+ used to execute the subsystem, it is advisable for the subsystem
+ protocol to have a "magic cookie" at the beginning of the protocol
+ transaction to distinguish it from arbitrary output generated by
+ shell initialization scripts etc. This spurious output from the
+ shell may be filtered out either at the server or at the client.
+
+ The server SHOULD not halt the execution of the protocol stack
+ when starting a shell or a program. All input and output from
+ these SHOULD be redirected to the channel or to the encrypted
+ tunnel.
+
+ It is RECOMMENDED to request and check the reply for these
+ messages. The client SHOULD ignore these messages.
+
+ Subsystem names follow the DNS extensibility naming convention
+ outlined in [SSH-ARCH].
+
+ 4.6 Session Data Transfer
+
+ Data transfer for a session is done using SSH_MSG_CHANNEL_DATA and
+ SSH_MSG_CHANNEL_EXTENDED_DATA packets and the window mechanism.
+ The extended data type SSH_EXTENDED_DATA_STDERR has been defined
+ for stderr data.
+
+ 4.7 Window Dimension Change Message
+
+ When the window (terminal) size changes on the client side, it MAY
+ send a message to the other side to inform it of the new
+ dimensions.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient_channel
+ string "window-change"
+ boolean FALSE
+ uint32 terminal width, columns
+ uint32 terminal height, rows
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 11]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ uint32 terminal width, pixels
+ uint32 terminal height, pixels
+
+ No response SHOULD be sent to this message.
+
+ 4.8 Local Flow Control
+
+ On many systems, it is possible to determine if a pseudo-terminal
+ is using control-S/control-Q flow control. When flow control is
+ allowed, it is often desirable to do the flow control at the
+ client end to speed up responses to user requests. This is
+ facilitated by the following notification. Initially, the server
+ is responsible for flow control. (Here, again, client means the
+ side originating the session, and server means the other side.)
+
+ The message below is used by the server to inform the client when
+ it can or cannot perform flow control (control-S/control-Q
+ processing). If `client can do' is TRUE, the client is allowed to
+ do flow control using control-S and control-Q. The client MAY
+ ignore this message.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "xon-xoff"
+ boolean FALSE
+ boolean client can do
+
+ No response is sent to this message.
+
+ 4.9 Signals
+
+ A signal can be delivered to the remote process/service using the
+ following message. Some systems may not implement signals, in
+ which case they SHOULD ignore this message.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "signal"
+ boolean FALSE
+ string signal name without the "SIG" prefix.
+
+ Signal names will be encoded as discussed in the "exit-signal"
+ SSH_MSG_CHANNEL_REQUEST.
+
+ 4.10 Returning Exit Status
+
+ When the command running at the other end terminates, the
+ following message can be sent to return the exit status of the
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 12]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ command. Returning the status is RECOMMENDED. No acknowledgment
+ is sent for this message. The channel needs to be closed with
+ SSH_MSG_CHANNEL_CLOSE after this message.
+
+ The client MAY ignore these messages.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient_channel
+ string "exit-status"
+ boolean FALSE
+ uint32 exit_status
+
+ The remote command may also terminate violently due to a signal.
+ Such a condition can be indicated by the following message. A
+ zero exit_status usually means that the command terminated
+ successfully.
+
+ byte SSH_MSG_CHANNEL_REQUEST
+ uint32 recipient channel
+ string "exit-signal"
+ boolean FALSE
+ string signal name without the "SIG" prefix.
+ boolean core dumped
+ string error message (ISO-10646 UTF-8)
+ string language tag (as defined in [RFC1766])
+
+ The signal name is one of the following (these are from [POSIX])
+
+ ABRT
+ ALRM
+ FPE
+ HUP
+ ILL
+ INT
+ KILL
+ PIPE
+ QUIT
+ SEGV
+ TERM
+ USR1
+ USR2
+
+ Additional signal names MAY be sent in the format "sig-name@xyz",
+ where `sig-name' and `xyz' may be anything a particular
+ implementor wants (except the `@' sign). However, it is suggested
+ that if a `configure' script is used, the non-standard signal
+ names it finds be encoded as "SIG@xyz.config.guess", where `SIG'
+ is the signal name without the "SIG" prefix, and `xyz' be the host
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 13]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ type, as determined by `config.guess'.
+
+ The `error message' contains an additional explanation of the
+ error message. The message may consist of multiple lines. The
+ client software MAY display this message to the user. If this is
+ done, the client software should take the precautions discussed in
+ [SSH-ARCH].
+
+ 5. TCP/IP Port Forwarding
+
+ 5.1 Requesting Port Forwarding
+
+ A party need not explicitly request forwardings from its own end
+ to the other direction. However, if it wishes that connections to
+ a port on the other side be forwarded to the local side, it must
+ explicitly request this.
+
+
+ byte SSH_MSG_GLOBAL_REQUEST
+ string "tcpip-forward"
+ boolean want reply
+ string address to bind (e.g. "0.0.0.0")
+ uint32 port number to bind
+
+ `Address to bind' and `port number to bind' specify the IP address
+ and port to which the socket to be listened is bound. The address
+ should be "0.0.0.0" if connections are allowed from anywhere.
+ (Note that the client can still filter connections based on
+ information passed in the open request.)
+
+ Implementations should only allow forwarding privileged ports if
+ the user has been authenticated as a privileged user.
+
+ Client implementations SHOULD reject these messages; they are
+ normally only sent by the client.
+
+
+ If a client passes 0 as port number to bind and has want reply
+ TRUE then the server allocates the next available unprivileged
+ port number and replies with the following message, otherwise
+ there is no response specific data.
+
+
+ byte SSH_MSG_GLOBAL_REQUEST_SUCCESS
+ uint32 port that was bound on the server
+
+ A port forwarding can be cancelled with the following message.
+ Note that channel open requests may be received until a reply to
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 14]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ this message is received.
+
+ byte SSH_MSG_GLOBAL_REQUEST
+ string "cancel-tcpip-forward"
+ boolean want reply
+ string address_to_bind (e.g. "127.0.0.1")
+ uint32 port number to bind
+
+ Client implementations SHOULD reject these messages; they are
+ normally only sent by the client.
+
+ 5.2 TCP/IP Forwarding Channels
+
+ When a connection comes to a port for which remote forwarding has
+ been requested, a channel is opened to forward the port to the
+ other side.
+
+ byte SSH_MSG_CHANNEL_OPEN
+ string "forwarded-tcpip"
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+ string address that was connected
+ uint32 port that was connected
+ string originator IP address
+ uint32 originator port
+
+ Implementations MUST reject these messages unless they have
+ previously requested a remote TCP/IP port forwarding with the
+ given port number.
+
+ When a connection comes to a locally forwarded TCP/IP port, the
+ following packet is sent to the other side. Note that these
+ messages MAY be sent also for ports for which no forwarding has
+ been explicitly requested. The receiving side must decide whether
+ to allow the forwarding.
+
+ byte SSH_MSG_CHANNEL_OPEN
+ string "direct-tcpip"
+ uint32 sender channel
+ uint32 initial window size
+ uint32 maximum packet size
+ string host to connect
+ uint32 port to connect
+ string originator IP address
+ uint32 originator port
+
+ `Host to connect' and `port to connect' specify the TCP/IP host
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 15]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ and port where the recipient should connect the channel. `Host to
+ connect' may be either a domain name or a numeric IP address.
+
+ `Originator IP address' is the numeric IP address of the machine
+ where the connection request comes from, and `originator port' is
+ the port on the originator host from where the connection came
+ from.
+
+ Forwarded TCP/IP channels are independent of any sessions, and
+ closing a session channel does not in any way imply that forwarded
+ connections should be closed.
+
+ Client implementations SHOULD reject direct TCP/IP open requests
+ for security reasons.
+
+ 6. Encoding of Terminal Modes
+
+ Terminal modes (as passed in a pty request) are encoded into a
+ byte stream. It is intended that the coding be portable across
+ different environments.
+
+ The tty mode description is a stream of bytes. The stream
+ consists of opcode-argument pairs. It is terminated by opcode
+ TTY_OP_END (0). Opcodes 1 to 159 have a single uint32 argument.
+ Opcodes 160 to 255 are not yet defined, and cause parsing to stop
+ (they should only be used after any other data).
+
+ The client SHOULD put in the stream any modes it knows about, and
+ the server MAY ignore any modes it does not know about. This
+ allows some degree of machine-independence, at least between
+ systems that use a POSIX-like tty interface. The protocol can
+ support other systems as well, but the client may need to fill
+ reasonable values for a number of parameters so the server pty
+ gets set to a reasonable mode (the server leaves all unspecified
+ mode bits in their default values, and only some combinations make
+ sense).
+
+ The following opcodes have been defined. The naming of opcodes
+ mostly follows the POSIX terminal mode flags.
+
+ 0 TTY_OP_END Indicates end of options.
+ 1 VINTR Interrupt character; 255 if none. Similarly for the
+ other characters. Not all of these characters are
+ supported on all systems.
+ 2 VQUIT The quit character (sends SIGQUIT signal on POSIX
+ systems).
+ 3 VERASE Erase the character to left of the cursor.
+ 4 VKILL Kill the current input line.
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 16]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ 5 VEOF End-of-file character (sends EOF from the terminal).
+ 6 VEOL End-of-line character in addition to carriage return
+ and/or linefeed.
+ 7 VEOL2 Additional end-of-line character.
+ 8 VSTART Continues paused output (normally control-Q).
+ 9 VSTOP Pauses output (normally control-S).
+ 10 VSUSP Suspends the current program.
+ 11 VDSUSP Another suspend character.
+ 12 VREPRINT Reprints the current input line.
+ 13 VWERASE Erases a word left of cursor.
+ 14 VLNEXT Enter the next character typed literally, even if it
+ is a special character
+ 15 VFLUSH Character to flush output.
+ 16 VSWTCH Switch to a different shell layer.
+ 17 VSTATUS Prints system status line (load, command, pid etc).
+ 18 VDISCARD Toggles the flushing of terminal output.
+ 30 IGNPAR The ignore parity flag. The parameter SHOULD be 0 if
+ this flag is FALSE set, and 1 if it is TRUE.
+ 31 PARMRK Mark parity and framing errors.
+ 32 INPCK Enable checking of parity errors.
+ 33 ISTRIP Strip 8th bit off characters.
+ 34 INLCR Map NL into CR on input.
+ 35 IGNCR Ignore CR on input.
+ 36 ICRNL Map CR to NL on input.
+ 37 IUCLC Translate uppercase characters to lowercase.
+ 38 IXON Enable output flow control.
+ 39 IXANY Any char will restart after stop.
+ 40 IXOFF Enable input flow control.
+ 41 IMAXBEL Ring bell on input queue full.
+ 50 ISIG Enable signals INTR, QUIT, [D]SUSP.
+ 51 ICANON Canonicalize input lines.
+ 52 XCASE Enable input and output of uppercase characters by
+ preceding their lowercase equivalents with `\'.
+ 53 ECHO Enable echoing.
+ 54 ECHOE Visually erase chars.
+ 55 ECHOK Kill character discards current line.
+ 56 ECHONL Echo NL even if ECHO is off.
+ 57 NOFLSH Don't flush after interrupt.
+ 58 TOSTOP Stop background jobs from output.
+ 59 IEXTEN Enable extensions.
+ 60 ECHOCTL Echo control characters as ^(Char).
+ 61 ECHOKE Visual erase for line kill.
+ 62 PENDIN Retype pending input.
+ 70 OPOST Enable output processing.
+ 71 OLCUC Convert lowercase to uppercase.
+ 72 ONLCR Map NL to CR-NL.
+ 73 OCRNL Translate carriage return to newline (output).
+ 74 ONOCR Translate newline to carriage return-newline
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 17]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ (output).
+ 75 ONLRET Newline performs a carriage return (output).
+ 90 CS7 7 bit mode.
+ 91 CS8 8 bit mode.
+ 92 PARENB Parity enable.
+ 93 PARODD Odd parity, else even.
+
+ 128 TTY_OP_ISPEED Specifies the input baud rate in bits per second.
+ 129 TTY_OP_OSPEED Specifies the output baud rate in bits per second.
+
+
+ 7. Summary of Message Numbers
+
+ #define SSH_MSG_GLOBAL_REQUEST 80
+ #define SSH_MSG_REQUEST_SUCCESS 81
+ #define SSH_MSG_REQUEST_FAILURE 82
+ #define SSH_MSG_CHANNEL_OPEN 90
+ #define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 91
+ #define SSH_MSG_CHANNEL_OPEN_FAILURE 92
+ #define SSH_MSG_CHANNEL_WINDOW_ADJUST 93
+ #define SSH_MSG_CHANNEL_DATA 94
+ #define SSH_MSG_CHANNEL_EXTENDED_DATA 95
+ #define SSH_MSG_CHANNEL_EOF 96
+ #define SSH_MSG_CHANNEL_CLOSE 97
+ #define SSH_MSG_CHANNEL_REQUEST 98
+ #define SSH_MSG_CHANNEL_SUCCESS 99
+ #define SSH_MSG_CHANNEL_FAILURE 100
+
+
+ 8. Security Considerations
+
+ This protocol is assumed to run on top of a secure, authenticated
+ transport. User authentication and protection against network-
+ level attacks are assumed to be provided by the underlying
+ protocols.
+
+ It is RECOMMENDED that implementations disable all the potentially
+ dangerous features (e.g. agent forwarding, X11 forwarding, and
+ TCP/IP forwarding) if the host key has changed.
+
+ Full security considerations for this protocol are provided in
+ Section 8 of [SSH-ARCH]
+
+ 9. Intellectual Property
+
+ The IETF takes no position regarding the validity or scope of any
+ intellectual property or other rights that might be claimed to
+ pertain to the implementation or use of the technology described
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 18]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ in this document or the extent to which any license under such
+ rights might or might not be available; neither does it represent
+ that it has made any effort to identify any such rights.
+ Information on the IETF's procedures with respect to rights in
+ standards-track and standards-related documentation can be found
+ in BCP-11. Copies of claims of rights made available for
+ publication and any assurances of licenses to be made available,
+ or the result of an attempt made to obtain a general license or
+ permission for the use of such proprietary rights by implementers
+ or users of this specification can be obtained from the IETF
+ Secretariat.
+
+ The IETF has been notified of intellectual property rights claimed
+ in regard to some or all of the specification contained in this
+ document. For more information consult the online list of claimed
+ rights.
+
+ 10. Additional Information
+
+ The current document editor is: Darren.Moffat@Sun.COM. Comments
+ on this internet draft should be sent to the IETF SECSH working
+ group, details at: http://ietf.org/html.charters/secsh-
+ charter.html
+
+References
+
+ [RFC1766] Alvestrand, H., "Tags for the Identification of
+ Languages", RFC 1766, March 1995.
+
+ [RFC1884] Hinden, R., Deering, S. and Editors, "IP Version 6
+ Addressing Architecture", RFC 1884, December 1995.
+
+ [RFC2279] Yergeau, F., "UTF-8, a transformation format of
+ ISO 10646", RFC 2279, January 1998.
+
+ [SCHEIFLER] Scheifler, R., "X Window System : The Complete
+ Reference to Xlib, X Protocol, Icccm, Xlfd, 3rd
+ edition.", Digital Press ISBN 1555580882, Feburary
+ 1992.
+
+ [POSIX] ISO/IEC, 9945-1., "Information technology --
+ Portable Operating System Interface (POSIX)-Part
+ 1: System Application Program Interface (API) C
+ Language", ANSI/IEE Std 1003.1, July 1996.
+
+ [SSH-ARCH] Ylonen, T., "SSH Protocol Architecture", I-D
+ draft-ietf-architecture-14.txt, July 2003.
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 19]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ [SSH-TRANS] Ylonen, T., "SSH Transport Layer Protocol", I-D
+ draft-ietf-transport-16.txt, July 2003.
+
+ [SSH-USERAUTH] Ylonen, T., "SSH Authentication Protocol", I-D
+ draft-ietf-userauth-17.txt, July 2003.
+
+ [SSH-CONNECT] Ylonen, T., "SSH Connection Protocol", I-D draft-
+ ietf-connect-17.txt, July 2003.
+
+ [SSH-NUMBERS] Lehtinen, S. and D. Moffat, "SSH Protocol Assigned
+ Numbers", I-D draft-ietf-secsh-assignednumbers-
+ 03.txt, July 2003.
+
+
+Authors' Addresses
+
+ Tatu Ylonen
+ SSH Communications Security Corp
+ Fredrikinkatu 42
+ HELSINKI FIN-00100
+ Finland
+
+ EMail: ylo@ssh.com
+
+
+ Tero Kivinen
+ SSH Communications Security Corp
+ Fredrikinkatu 42
+ HELSINKI FIN-00100
+ Finland
+
+ EMail: kivinen@ssh.com
+
+
+ Markku-Juhani O. Saarinen
+ University of Jyvaskyla
+
+
+ Timo J. Rinne
+ SSH Communications Security Corp
+ Fredrikinkatu 42
+ HELSINKI FIN-00100
+ Finland
+
+ EMail: tri@ssh.com
+
+
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 20]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+ Sami Lehtinen
+ SSH Communications Security Corp
+ Fredrikinkatu 42
+ HELSINKI FIN-00100
+ Finland
+
+ EMail: sjl@ssh.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 21]
+
+Internet-Draft SSH Connection Protocol July 2003
+
+
+Full Copyright Statement
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished
+ to others, and derivative works that comment on or otherwise
+ explain it or assist in its implementation may be prepared,
+ copied, published and distributed, in whole or in part, without
+ restriction of any kind, provided that the above copyright notice
+ and this paragraph are included on all such copies and derivative
+ works. However, this document itself may not be modified in any
+ way, such as by removing the copyright notice or references to the
+ Internet Society or other Internet organizations, except as needed
+ for the purpose of developing Internet standards in which case the
+ procedures for copyrights defined in the Internet Standards
+ process must be followed, or as required to translate it into
+ languages other than English.
+
+ The limited permissions granted above are perpetual and will not
+ be revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on
+ an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
+ ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
+ THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Ylonen, et. al. Expires January 12, 2004 [Page 22]
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 22:51:36 +0000