Software Inventory (SSH, The Secure Shell: The Definitive Guide)

4.4. Software Inventory

Table 4-1. Software Inventory

Component	SSH1	OpenSSH	SSH2
Server config	/etc/sshd_config	/etc/sshd_config	/etc/ssh2/sshd2_config
Global client config	/etc/ssh_config	/etc/ssh_config	/etc/ssh2/ssh2_config
Host private key	/etc/ssh_host_key	/etc/ssh_host_dsa_key	/etc/ssh2/hostkey
Host public key	/etc/ssh_host_key.pub	/etc/ssh_host_dsa_key.pub	/etc/ssh2/hostkey.pub
Client host keys	/etc/ssh_known_hosts ~/.ssh/ssh_known_hosts	/etc/ssh_known_hosts ~/.ssh/ssh_known_hosts ~/.ssh/ssh_known_hosts2	/etc/ssh2/hostkeys ~/.ssh2/hostkeys/*
Remote host keys	~/.ssh/ssh_known_hosts	~/.ssh/ssh_known_hosts ~/.ssh/ssh_known_hosts2	~/.ssh2/knownhosts/*
libwrap control files	/etc/hosts.allow /etc/hosts.deny	/etc/hosts.allow /etc/hosts.deny	/etc/hosts.allow /etc/hosts.deny
Authorization for login via public key	~/.ssh/authorized_keys	~/.ssh/authorized_keys ~/.ssh/authorized_keys2	~/.ssh2/authorization
Authorization for login via trusted-host	/etc/hosts.equiv /etc/shosts.equiv ~/.shosts ~/.rhosts	/etc/hosts.equiv /etc/shosts.equiv ~/.shosts ~/.rhosts	/etc/hosts.equiv /etc/shosts.equiv ~/.shosts ~/.rhosts
Default keypair for public-key authentication	~/.ssh/identity{.pub}	SSH-1/RSA: ~/.ssh/identity{.pub} SSH-2/DSA: ~/.ssh/id_dsa{.pub} [52]	(No default)
Random seed	~/.ssh/random_seed /etc/ssh_random_seed	~/.ssh/prng_seed [53]	~/.ssh2/random_seed /etc/ssh2/random_seed
Commands for generating randomness	-	/etc/ssh_prng_cmds	-
Kerberos	/etc/krb5.conf ~/.k5login	/etc/krb.conf ~/.klogin	-
Terminal client	ssh1 slogin link to ssh1	ssh slogin link to ssh	ssh2
Secure file copy client	scp1	scp	scp2
Signer program	-	-	ssh-signer2
sftp2/scp2 server	-	-	sftp-server2
Authentication agent	ssh-agent1	ssh-agent	ssh-agent2
Key generator	ssh-keygen1	ssh-keygen	ssh-keygen2
Key add/remove	ssh-add1	ssh-add	ssh-add2
Find SSH servers	-	-	ssh-probe2
Get passphrase via terminal or X	ssh-askpass1	-	ssh-askpass2
Server program	sshd1	sshd	sshd2

[52]This can't be changed using -i as it can with OpenSSH/1; use -oIdentity2=key_ fileinstead.

[53]Present only if using OpenSSH's internal entropy-gathering mechanism (i.e., no /dev/random or equivalent on system). SSH1 and SSH2 use seed files even when /dev/random exists.


4.3. OpenSSH		4.5. Replacing R-Commands with SSH