/etc/ssh

The /etc/ssh/ directory on Linux systems typically contains configuration files and key-related files for the OpenSSH (Secure Shell) protocol suite. This directory plays a crucial role in managing SSH server configurations, host keys, and related settings.

Overview of /etc/ssh/

Purpose

The /etc/ssh/ directory serves the following purposes:

1. SSH Server Configuration: Contains configuration files (ssh_config and sshd_config) that define behavior and settings for both SSH clients and the SSH daemon (server).

2. Host Keys: Stores host keys used for server authentication. These keys include ssh_host_rsa_key, ssh_host_dsa_key, ssh_host_ecdsa_key, ssh_host_ed25519_key, which are generated during SSH server installation.

3. Moduli: Contains Diffie-Hellman moduli used for DH key exchange. Files like moduli store prime numbers used in the DH group exchange algorithms.

4. SSH Client Configuration: Although primarily focused on server configuration, this directory may also contain client configuration files if not individually managed in user directories (~/.ssh/).

Key Files and Directories

1. ssh_config: Configuration file for SSH client options. It defines client-side settings such as hostname resolution, user authentication, and connection parameters.

2. sshd_config: Configuration file for the SSH daemon (server). It specifies server-side settings including authentication methods, access controls, and SSH protocol options.

3. Host Keys:

   • ssh_host_rsa_key, ssh_host_rsa_key.pub: RSA host keys.

   • ssh_host_dsa_key, ssh_host_dsa_key.pub: DSA host keys (less common now due to security concerns).

   • ssh_host_ecdsa_key, ssh_host_ecdsa_key.pub: ECDSA host keys.

   • ssh_host_ed25519_key, ssh_host_ed25519_key.pub: Ed25519 host keys (modern and recommended).

4. moduli: File containing Diffie-Hellman moduli for DH key exchange algorithms used by SSH.

5. ssh_known_hosts: File containing public host keys for known hosts. It stores keys of SSH servers that the client has connected to previously.

Example Configuration Files

/etc/ssh/sshd_config

# Port to listen on
Port 22

# Protocol versions to use
Protocol 2

# Host keys
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

# Authentication methods
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes

/etc/ssh/ssh_config

# Server alive interval (keep alive)
ServerAliveInterval 60

# Preferred authentication methods
PreferredAuthentications publickey,password

# User-specific SSH configuration
Host example.com
    IdentityFile ~/.ssh/id_rsa_example
    User user_example

Managing SSH Configuration

1. Editing Configuration Files: Modify sshd_config and ssh_config as needed to adjust SSH server and client behavior respectively.

2. Restarting SSH Service: After making changes to sshd_config, restart the SSH service for changes to take effect:

   sudo systemctl restart sshd

3. Securing Host Keys: Ensure proper permissions (600 for private keys, 644 for public keys) and periodically regenerate host keys for enhanced security.

Conclusion

The /etc/ssh/ directory is critical for configuring and managing SSH on Linux systems. It houses essential configuration files, host keys, and moduli used for secure communication between clients and servers. Proper configuration and management of this directory are crucial for maintaining secure and efficient SSH connections.