The following table shows the important Solaris Secure Shell files and the suggested file permissions.
Table 20–5 Solaris Secure Shell Files
File Name |
Description |
Suggested Permissions and Owner |
---|---|---|
Contains configuration data for sshd, the Solaris Secure Shell daemon. |
-rw-r--r-- root |
|
Contains the host private key (v1). |
-rw------- root |
|
Contains the host private key (v2). |
-rw------- root |
|
Contains the host public key, for example, /etc/ssh/ssh_host_rsa_key.pub. Is used to copy the host key to the local known_hosts file. |
-rw-r--r-- root |
|
Contains the process ID of the Solaris Secure Shell daemon, sshd. If multiple daemons are running, the file contains the last daemon that was started. |
-rw-r--r-- root |
|
Holds the public keys of the user who is allowed to log in to the user account. |
-rw-r--r-- username |
|
Contains the host public keys for all hosts with which the client can communicate securely. The file is populated by the administrator. |
-rw-r--r-- root |
|
Contains the host public keys for all hosts with which the client can communicate securely. The file is maintained automatically. Whenever the user connects with an unknown host, the remote host key is added to the file. |
-rw-r--r-- username |
|
Provides defaults for the sshd daemon when corresponding sshd_config parameters are not set. |
-r--r--r-- root |
|
If this file exists, the sshd daemon only permits root to log in. The contents of this file are displayed to users who are attempting to log in. |
-rw-r--r-- root |
|
Contains the host-user name pairs that specify the hosts to which the user can log in without a password. This file is also used by the rlogind and rshd daemons. |
-rw-r--r-- username |
|
Contains the host-user name pairs that specify the hosts to which the user can log in without a password. This file is not used by other utilities. For more information, see the sshd(1M)man page in the FILES section. |
-rw-r--r-- username |
|
Contains the hosts that are used in .rhosts authentication. This file is also used by the rlogind and rshd daemons. |
-rw-r--r-- root |
|
Contains the hosts that are used in host-based authentication. This file is not used by other utilities. |
-rw-r--r-- root |
|
Contains initial assignments at login. By default, this file is not read. The PermitUserEnvironment keyword in the sshd_config file must be set to yes for this file to be read. |
-rw-r--r-- username |
|
Contains initialization routines that are run before the user shell starts. For a sample initialization routine, see the sshd man page. |
-rw-r--r-- username |
|
Contains host-specific initialization routines that are specified by an administrator. |
-rw-r--r-- root |
|
Configures system settings on the client system. |
-rw-r--r-- root |
|
Configures user settings. Overrides system settings. |
-rw-r--r-- username |
The following table lists the Solaris Secure Shell files that can be overridden by keywords or command options.
Table 20–6 Overrides for the Location of Solaris Secure Shell Files
File Name |
Keyword Override |
Command-Line Override |
---|---|---|
|
ssh -F config-file scp -F config-file |
|
|
ssh -F config-file |
|
/etc/ssh/host_dsa_key |
HostKey |
|
IdentityFile |
ssh -i id-file scp -i id-file |
|
AuthorizedKeysFile |
|
|
GlobalKnownHostsFile |
|
|
UserKnownHostsFile IgnoreUserKnownHosts |
|