|
HP TCP/IP Services for OpenVMS Guide to SSH |
SSH Directories and Files |
|
|
| |
TCPIP$SSH_DEVICE:[TCPIP$SSH]Function: Default directory of TCPIP$SSH account
Creation: During SSH server configuration
Scope: Systemwide
Use: By running instances of the server processes
TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]Function: Contains multiple SSH files and subdirectories.
Creation: During SSH server configuration
Scope: Systemwide
Use: By running instances of the server processes
TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]SSHD2_CONFIG.Function: Server configuration file
Creation: During SSH server configuration by extracting a template file from the TCP/IP kit. The system manager edits the file as necessary.
Scope: Systemwide
Use: Read by a starting server process; also read by the client for host-based authentication.
TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY.Function: Contains the private part of the host key pair. This file is owned by the system account, is readable by the system only, and is not accessible to others.
Creation: Together with the public part of the host key pair during SSH server configuration (if requested). The new key can be created any time by a system manager running the key-generation utility, SSH_KEYGEN, which creates both keys.
Scope: Systemwide
Use: By the server, when connection from a client is requested.
TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2]HOSTKEY.PUBFunction: Contains the public part of the host key. This file is writable by the system account only and readable by world.
Creation: Together with the private part of the host key during SSH server configuration (if requested). The new key can be created any time by a system manager running the key generation utility, SSH_KEYGEN, which creates both keys).
Scope: Systemwide
Use: The server copies this file to a client when a connection is requested by a client.
TCPIP$SSH_DEVICE:[TCPIP$SSH]SHOSTS.EQUIVFunction: List of trusted hosts.
Creation: An empty file is created during SSH server configuration. The system manager populates the file.
Scope: Systemwide
Use: As a systemwide list of trusted hosts checked by a server for host-based authentication.
TCPIP$SSH_DEVICE:[TCPIP$SSH.SSH2.KNOWNHOSTS]Function: Systemwide directory that contains public keys of all remote client hosts that might attempt to connect to the server using host-based authentication.
Creation: An empty file is created during SSH server configuration. It is populated by the system manager as necessary by copying files from client hosts.
Scope: Systemwide
Use: The server gets public keys of remote client hosts from this directory when it it processing a request for a host-based authentication connection.
SYS$LOGIN:SHOSTS.Function: List of trusted hosts
Creation: By the user, if necessary
Scope: User specific
Use: As a user-specific list of trusted hosts, checked by the server for host-based authentication. The server checks this list after it checks the systemwide SHOSTS.EQUIV, enabling the user to add hosts to the systemwide list.
SYS$LOGIN:[SSH2]Function: Contains multiple SSH files and subdirectories.
Creation: By the user, if necessary
Scope: User specific
Use: By running the server
SYS$LOGIN:[SSH2.KNOWNHOSTS]Function: A user-specific directory that contains public keys of all remote client hosts that might try to connect to the server using host-based authentication.
Creation: By the user, if necessary. The user populates the directory by copying files from client hosts.
Scope: User specific
Use: The server gets public keys of remote client hosts from this directory when it is processing a request for a host-based authentication connection. The file from this directory is used if another file with the same name exists in the systemwide directory.
SYS$SYSLOGIN:[SSH2]AUTHORIZATIONFunction: Contains information that allows the server to identify the user for public-key authentication.
Creation: By the user, if necessary. The user populates this file by copying files from the client hosts.
Scope: User specific
Use: The server uses the information in this file to identify the user.
|
|