| |
|
Home
|
| Red Hat Linux 7.3: The Official Red Hat Linux Reference Guide |
|---|
| Prev | Chapter 10. SSH Protocol | Next |
OpenSSH has two different sets of configuration files: one for
client programs (ssh, scp, and
sftp) and one for the server service
(sshd).
System-wide SSH configuration information is stored in the
/etc/ssh/ directory:
moduli — Contains Diffie-Hellman
groups used for the Diffie-Hellman key exchange which is critical
for constructing a secure transport layer. When keys are exchanged
at the beginning of an SSH session, a shared, secret value is created
which cannot be determined by either party alone. This value is then
used to provide host authentication.
ssh_config — The system-wide default
SSH client configuration file. It is overridden if one is also
present in the user's home directory
(~/.ssh/config).
sshd_config — The configuration file for
sshd.
ssh_host_dsa_key — The DSA private key
used by sshd.
ssh_host_dsa_key.pub — The DSA public key
used by sshd.
ssh_host_key — The RSA private key used
by sshd for version 1 of the SSH protocol.
ssh_host_key.pub — The RSA public key
used by sshd for version 1 of the SSH protocol.
ssh_host_rsa_key — The RSA private key
used by sshd for version 2 of the SSH protocol.
ssh_host_rsa_key.pub — The RSA public key
used by sshd for version 2 of the SSH protocol.
User-specific SSH configuration information is stored in the user's home
directory within the ~/.ssh/ directory:
authorized_keys — The file that holds a
list of "authorized" public keys. If a connecting user can prove
that they know the private key which corresponds to any of these,
then they are authenticated. Note, this is only an optional
authentication method.
id_dsa — Contains the DSA authentication
identity of the user.
id_dsa.pub — The DSA public key of the
user.
id_rsa — The RSA public key used by
sshd for version 2 of the SSH protocol.
identity — The RSA private key used by
sshd for version 1 of the SSH protocol.
known_hosts — This file
contains DSA host keys of SSH servers accessed by the user. This
file is very important for ensuring that the SSH client is
connecting the correct SSH server. If a host's key has changed, and
you are not absolutely certain why, you should contact the system
administrator of the SSH server to make sure that the server has not
been compromised. If a server's host keys are legitimately altered
by a re-installation of Red Hat Linux the next time you log into that
server you will be notified that the host key stored in the
known_hosts file does not match. To connect to
the server, the user must open the known_hosts
file in a text editor and delete the key for that host. This allows the
SSH client to create a new host key.
See the man pages for ssh and sshd
for information concerning the various directives available in the SSH
configuration files.
|
|
|
|
|
|
|
|
Disclaimer: For authoritative source or latest update to this
documentation, please refer to http://www.redhat.com/docs/manuals/linux/ |
|
 |
|
|
|
Quotes: The poor wish to be rich, the rich wish to be happy, the single wish to be married and the married wish to be dead.People who have attained things worth having in this world have worked while others have idled, have persevered while others gave up in despair, and have practiced early in life the valuable habits of self-denial, industry, and singleness of purpose. As a result, they enjoy in later life the success often erroneously attributed to good luck.
|
|
|
|
|
|
|
