1. Introduction

This document describes the methods used to perform key exchange and
user authentication in the Secure Shell protocol using the GSS-API.
To do this, it defines a family of key exchange methods, two user
authentication methods, and a new host key algorithm. These
definitions allow any GSS-API mechanism to be used with the Secure
Shell protocol.

This document should be read only after reading the documents
describing the SSH protocol architecture [SSH-ARCH], transport layer
protocol [SSH-TRANSPORT], and user authentication protocol
[SSH-USERAUTH]. This document freely uses terminology and notation
from the architecture document without reference or further
explanation.

The data types used in the packets are defined in the SSH
architecture document [SSH-ARCH]. It is particularly important to
note that the definition of string allows binary content.

The SSH_MSG_USERAUTH_REQUEST packet refers to a service; this service
name is an SSH service name and has no relationship to GSS-API
service names. Currently, the only defined service name is
"ssh-connection", which refers to the SSH connection protocol
[SSH-CONNECT].

1.2. Key Words

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [KEYWORDS].