Subject: Re: /usr/pkg/etc vs. /etc
To: NetBSD Packages Technical Discussion List <tech-pkg@netbsd.org>
From: Computo Ergo Checksum <greywolf@starwolf.com>
List: tech-pkg
Date: 12/10/1998 22:33:11

Greg A. Woods sez:
/*
* > Actually, a pretty strong case COULD be made for this one, I think...
*
* Yes, one could argue for it, but only if you first make a rule that
* $LOCALBASE/etc can *not* be shared, since any sharing of ssh_host_key et
* al will cause grief and possibly open up a crevasse in SSH security.

Point taken.

*...
* In theory the host key pair shouldn't change over the lifetime of the
* host, at least not without good reason to revoke them, and the argument
* was made that /etc was safer and more stable than /var for this purpose.
* (which I don't agree with, but....)

It's half of one and six doz...er, six of one and half a dozen of the
other, really. I'd actually place my bets on /etc rather than /var; why, I'm
not sure. Personal preference (things in /etc don't change (vary) much),
I guess (master.passwd notwithstanding).

* However I don't think there's any excuse for not keeping ssh_random_seed
* in /var/run except for the fact that it would then be the only ssh
* run-time file not in /etc....

Perhaps under /etc/ssh, and keep the directory under lock and key.
...or isn't that how it's done now?

*/
--*greywolf;
--
Sun could have remained quite profitable by staying with BSD-based OSs, and
they wouldn't have pissed off NEARLY as many customers.