Quiz Entry - updated: 2026.07.14
What are the important SSH key storage files and their purposes?
Your secret lives in ~/.ssh/id_rsa (private, never share); the server stores your id_rsa.pub in authorized_keys, and your client remembers each server's identity in known_hosts.
The split matters: authorized_keys answers "who may log in", while known_hosts answers "is this really the server I think it is". Getting the two confused is a classic beginner mistake.
Client-side files (~/.ssh/):
| File | Purpose |
|---|---|
known_hosts |
Stores fingerprints of servers you've connected to |
id_rsa |
Your private key (keep secret!) |
id_rsa.pub |
Your public key (share with servers) |
Server-side files:
| File | Purpose |
|---|---|
/etc/ssh/ssh_known_hosts |
System-wide known hosts |
/etc/ssh/ssh_host_*_key.pub |
Server's public host keys |
~/.ssh/authorized_keys |
Public keys allowed to log in as this user |
StrictHostKeyChecking:
- Set in
~/.ssh/configor/etc/ssh/ssh_config yes= reject unknown hosts (secure)ask= prompt user (default)no= auto-accept (insecure)
Warning: If a server's key changes unexpectedly, SSH warns you - this could indicate a man-in-the-middle attack!
Go deeper:
sshd(8) — known_hosts & authorized_keys formats — what
authorized_keys(who may log in) vsknown_hosts(server identity) hold.