What is the difference between /etc/ssh/ and ~/.ssh?

centos
debian
openssh
linux

#1

Hi,

I’m having fun with OpenSSH, and I know the “/etc/ssh” directory is for the ssh daemon and the “~/.ssh” directory is for a particular user.

Both directories contain private and public keys:

But what is the difference between the keys in the two directories? I’m confused because the ones I use as a user are in my home directory, ~/.ssh. What are the roles of the keys found in /etc/ssh? For what purpose are they created?

Thanks.


#2

key and pub are the private and public keys (notice the limited permissions). The ones in the home folder can be used for key/value auth or even the client on the Linux side to connect to something else.

key and pub allowing someone with the right key to log in as 'ftpuser'
-rw------- 1 ftpuser ftpuser 1.7K Nov 14 14:52 id_rsa
-rw-r--r-- 1 ftpuser ftpuser  406 Nov 14 14:52 id_rsa.pub

key and pub used for the sshd keys, the "systems" host key; you can change them if you want.
-rw-------  1 root root      227 Aug 22  2017 ssh_host_ecdsa_key
-rw-r--r--  1 root root      183 Aug 22  2017 ssh_host_ecdsa_key.pub
-rw-r-----  1 root ssh_keys  387 Aug 22  2017 ssh_host_ed25519_key
-rw-r--r--  1 root root       82 Aug 22  2017 ssh_host_ed25519_key.pub

Further reading:


#3

Good information, but it’s not what I was looking for. Thanks anyway.


#4
  1. /etc/ssh - server side config for both server and ssh client. Global info for all users.
  2. ~/ssh/ - client side config for a single user account. Also stores your private and public keys. Private info and config for your own session only.

#5

I explained what you were asking but perhaps I was not clear enough.
The local user’s directory under home is for someone using the system as a user who needs to connect somewhere else. Or it can also be used for allowing incoming connections for that specific user.

Obviously the /etc/ssh folder is for the service to manage and use as needed.
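
Added example, not part of any post in this thread: a small Python audit that labels each file in the two directories by role (host identity vs. user identity) and flags private keys or `authorized_keys` files whose permissions are too open. The function names, the sample tree, and the permission thresholds are assumptions made for illustration; group read on host private keys is tolerated only because the listing in post #2 shows 0640 with group `ssh_keys`.

```python
import os
import stat
import tempfile

def classify(scope, name):
    """Role of a file; scope is 'host' (/etc/ssh) or 'user' (~/.ssh)."""
    pub = name.endswith(".pub")
    if scope == "host" and name.startswith("ssh_host_"):
        return "host public key" if pub else "host private key"
    if scope == "user" and name.startswith("id_"):
        return "user public key" if pub else "user private key"
    if scope == "user" and name in ("authorized_keys", "known_hosts"):
        return name
    return "other"

# Permission bits that must be clear for each role (assumed thresholds).
FORBIDDEN = {
    "user private key": 0o077,  # owner only
    "host private key": 0o037,  # owner, plus group read as in the 0640 listing
    "authorized_keys": 0o022,   # must not be writable by group or others
}

def audit(directory, scope):
    """Return {name: (role, octal mode, ok)} for every file in directory."""
    report = {}
    for name in sorted(os.listdir(directory)):
        mode = stat.S_IMODE(os.stat(os.path.join(directory, name)).st_mode)
        role = classify(scope, name)
        report[name] = (role, oct(mode), mode & FORBIDDEN.get(role, 0) == 0)
    return report

def build_sample(root):
    """Constructed sample tree. Host modes follow the listing in post #2;
    id_rsa is deliberately loosened to 0644 and authorized_keys is made up."""
    files = {
        "etc_ssh": {"ssh_host_ecdsa_key": 0o600, "ssh_host_ecdsa_key.pub": 0o644,
                    "ssh_host_ed25519_key": 0o640, "ssh_host_ed25519_key.pub": 0o644},
        "home_ssh": {"id_rsa": 0o644, "id_rsa.pub": 0o644, "authorized_keys": 0o600},
    }
    for sub, entries in files.items():
        os.makedirs(os.path.join(root, sub))
        for name, mode in entries.items():
            path = os.path.join(root, sub, name)
            open(path, "w").close()
            os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        for sub, scope in (("etc_ssh", "host"), ("home_ssh", "user")):
            for name, row in audit(os.path.join(root, sub), scope).items():
                print(scope, name, *row)
```

To check a real system, call `audit("/etc/ssh", "host")` and `audit(os.path.expanduser("~/.ssh"), "user")`.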