Secure Shell (SSH): Public Key Authentication over Hypertext Transfer Protocol (HTTP)
This addresses a specific technical challenge for developers of web applications that need to support SSH clients, but it is incremental as it builds on existing SSH and HTTP protocols without introducing new paradigms.
The paper tackled the problem of enabling SSH public key authentication over HTTP for web-based SSH clients, which face restrictions like same-origin policy and limited local resource access, and provided a system that ensures no security compromise to the SSH protocol.
Secure Shell (SSH) protocol requires all implementations to support public key authentication method ("publickey") for authentication purposes, so web applications which provide a SSH client over the web browser need to support "publickey". However, restrictions in Hypertext Transfer Protocol (HTTP), such as same origin policy, and limited access to local resources, make it difficult to perform such authentications. In this document, a system to perform "publickey" authentication over HTTP is provided. It is ensured that no compromise is made that would pose a security risk to SSH protocol.