Home > Articles > Operating Systems, Server > Solaris

  • Print
  • + Share This
Like this article? We recommend

Like this article? We recommend


In order of precedence, Secure Shell configuration occurs at the following places:

  • Software build-time

  • Server command line options

  • Server configuration file (sshd_config)

  • Client command line options

  • User client configuration file (~/.ssh/config)

  • Global client configuration file (ssh_config).

Build time configuration is the strongest configuration type. It cannot be changed without rebuilding the software. This is inconvenient if a change is needed. The build-time configuration of the Solaris Secure Shell software is fixed and cannot be changed.

The server configuration involves how the sshd(1M) daemon will present itself on the network, what protocols and authentication methods are acceptable, and how the user environment is constructed. The client configuration involves determining which server to transact with which protocol, verifying the server identity, determining the user identity presentation, and choosing the ease-of-use features. Policy details are implemented on the server side. The client cannot override, nor provide, a feature that the server does not offer.

The available features can be enabled or disabled by either command-line options or the applicable configuration file. Command-line options apply to that particular instantiation of either the server or client. Configuration-file options are persistent until the file is altered and a new instantiation started. The most reliable configuration method uses the configuration file. This gives a repeatable, reproducible invocation. Changes can also be tracked by using source control. For information on command-line options, consult the vendor documentation.

  • + Share This
  • 🔖 Save To Your Account