Software Inventory
Table 4-1. Software Inventory
| Component | SSH1 | OpenSSH | SSH2 |
|---|---|---|---|
| Server config | /etc/sshd_config | /etc/sshd_config | /etc/ssh2/sshd2_config |
| Global client config | /etc/ssh_config | /etc/ssh_config | /etc/ssh2/ssh2_config |
| Host private key | /etc/ssh_host_key | /etc/ssh_host_dsa_key | /etc/ssh2/hostkey |
| Host public key | /etc/ssh_host_key.pub | /etc/ssh_host_dsa_key.pub | /etc/ssh2/hostkey.pub |
| Client host keys | /etc/ssh_known_hosts~/.ssh/ssh_known_hosts | /etc/ssh_known_hosts~/.ssh/ssh_known_hosts~/.ssh/ssh_known_hosts2 | /etc/ssh2/hostkeys~/.ssh2/hostkeys/* |
| Remote host keys | ~/.ssh/ssh_known_hosts | ~/.ssh/ssh_known_hosts~/.ssh/ssh_known_hosts2 | ~/.ssh2/knownhosts/* |
| libwrap control files | /etc/hosts.allow/etc/hosts.deny | /etc/hosts.allow/etc/hosts.deny | /etc/hosts.allow/etc/hosts.deny |
| Authorization for login via public key | ~/.ssh/authorized_keys | ~/.ssh/authorized_keys~/.ssh/authorized_keys2 | ~/.ssh2/authorization |
| Authorization for login via trusted-host | /etc/hosts.equiv/etc/shosts.equiv~/.shosts~/.rhosts | /etc/hosts.equiv/etc/shosts.equiv~/.shosts~/.rhosts | /etc/hosts.equiv/etc/shosts.equiv~/.shosts~/.rhosts |
| Default keypair for public-key authentication | ~/.ssh/identity{.pub} | SSH-1/RSA:~/.ssh/identity{.pub} SSH-2/DSA:~/.ssh/id_dsa{.pub} [52] | (No default) |
| Random seed | ~/.ssh/random_seed/etc/ssh_random_seed | ~/.ssh/prng_seed [53] | ~/.ssh2/random_seed/etc/ssh2/random_seed |
| Commands for generating randomness | - | /etc/ssh_prng_cmds | - |
| Kerberos | /etc/krb5.conf~/.k5login | /etc/krb.conf~/.klogin | - |
| Terminal client | ssh1slogin link to ssh1 | sshslogin link to ssh | ssh2 |
| Secure file copy client | scp1 | scp | scp2 |
| Signer program | - | - | ssh-signer2 |
| sftp2/scp2 server | - | - | sftp-server2 |
| Authentication agent | ssh-agent1 | ssh-agent | ssh-agent2 |
| Key generator | ssh-keygen1 | ssh-keygen | ssh-keygen2 |
| Key add/remove | ssh-add1 | ssh-add | ssh-add2 |
| Find SSH servers | - | - | ssh-probe2 |
| Get passphrase via terminal or X | ssh-askpass1 | - | ssh-askpass2 |
| Server program | sshd1 | sshd | sshd2 |
[52]This can't be changed using -i as it can with OpenSSH/1; use -oIdentity2=key_ file instead.
[53]Present only if using OpenSSH's internal entropy-gathering mechanism (i.e., no /dev/random or equivalent on system). SSH1 and SSH2 use seed files even when /dev/random exists.