OpenSSH clients and servers have several configuration files. Global configuration files are stored in the /etc/ssh directory. User configuration files are stored in an .ssh directory in user home directories (~/.ssh).
/etc/ssh: Global Files
The following are brief descriptions of the global configuration files under /etc/ssh directory.
# ls -lrt /etc/ssh total 156 -rw------- 1 root root 125811 Aug 7 13:40 moduli -rw-r--r--. 1 root root 382 Aug 9 00:39 ssh_host_rsa_key.pub -rw-------. 1 root root 1675 Aug 9 00:39 ssh_host_rsa_key -rw-r--r--. 1 root root 627 Aug 9 00:39 ssh_host_key.pub -rw-------. 1 root root 963 Aug 9 00:39 ssh_host_key -rw-r--r--. 1 root root 590 Aug 9 00:39 ssh_host_dsa_key.pub -rw-------. 1 root root 668 Aug 9 00:39 ssh_host_dsa_key -rw-r--r--. 1 root root 2103 Aug 9 00:40 ssh_config -rw-------. 1 root root 3949 Aug 9 00:40 sshd_config
| File | Purpose |
|---|---|
| moduli | Contains key exchange information used to establish a secure connection |
| ssh_config | The default OpenSSH client configuration file. Entries are overridden by a user’s ~/.ssh/config file. |
| sshd_config | The configuration file for the sshd daemon |
| ssh_host_ecdsa_key | The ECDSA private key used by the sshd daemon |
| ssh_host_ecdsa_key.pub | The ECDSA public key used by the sshd daemon |
| ssh_host_key | The RSA private key for version SSH1 |
| ssh_host_key.pub | The RSA public key for version SSH1 |
| ssh_host_rsa_key | The RSA private key for version SSH2 |
| ssh_host_rsa_key.pub | The RSA public key for version SSH2 |
There is also a PAM configuration file for the sshd daemon, /etc/pam.d/sshd, and a configuration file for the sshd service, /etc/sysconfig/sshd.
~/.ssh: User Files
OpenSSH creates the ~/.ssh directory and the known_hosts file automatically when you connect to a remote system. The following are brief descriptions of the user-specific configuration files:
| File | Purpose |
|---|---|
| authorized_keys | Contains a list of authorized public keys for SSH servers. The server authenticates the client by checking its signed public key within this file. |
| id_ecdsa | The ECDSA private key of the user |
| id_ecdsa.pub | The ECDSA public key of the user |
| id_rsa | The RSA private key for version SSH2 |
| id_rsa.pub | The RSA public key for version SSH2 |
| identity | The RSA private key for version SSH1 |
| identity.pub | The RSA public key for version SSH1 |
| known_hosts | Contains host keys of SSH servers accessed by the user. OpenSSH automatically adds entries each time the user connects to a new server. |