From: Ollivier Robert
Message-Id: <199601222227.XAA05768@keltia.freenix.fr>
Subject: Re: ssh /etc config files location..
To: p.richards@elsevier.co.uk (Paul Richards)
Date: Mon, 22 Jan 1996 23:27:49 +0100 (MET)
Cc: security@FreeBSD.org
In-Reply-To: <199601221704.RAA09129@cadair.elsevier.co.uk> from "Paul Richards" at Jan 22, 96 05:04:16 pm

It seems that Paul Richards said:
> I disagree with /etc. These are not configuration files, they are
> runtime modifiable files and should go in /var.

When you take ssh out-of-the-box on a FreeBSD system, you'll have the
following data at the following locations:

1. the ssh client and server configuration files are in /etc unless you
   have changed it with configure --with-etcdir. I use /etc/ssh personally
   to avoid cluttering /etc. I use /etc/mail for the same reasons.

2. the sshd.pid has been put in /var/run as many daemons do. It used to be
   in $etcdir but I asked Tatu to change it because it is more consistent
   with current BSD behaviour.

3. the host private and public keys are in $etcdir. I really think they
   should be on a local disk but it cannot be /var/run as it is wiped
   clean at reboot.

4. the ssh_random_seed file could eventually be in /var/run but it is
   better to maintain it between reboots. We have /dev/random so maybe it
   is less an issue...

Putting everything in /usr/local is standard and a good thing but I feel
that some things like ssh don't have to follow it.

PS for those who are using the

# Location of local startup files.
local_startup=/etc/rc.d

feature of sysconfig, here is the script I use:

sshd.sh
------------------------------------------------------------
#! /bin/sh

SSHDIR=/etc/ssh
PIDDIR=/var/run

# start: launch sshd only if the binary and its configuration exist
if [ X"$1" = Xstart ]; then
    if [ -f /usr/local/sbin/sshd -a -f $SSHDIR/sshd_config ]; then
        echo 'Starting sshd.'
        /usr/local/sbin/sshd
    fi
fi

# stop: signal the daemon whose PID is recorded in the pid file
if [ X"$1" = Xstop ]; then
    if [ -f $PIDDIR/sshd.pid ]; then
        echo 'Stopping sshd.'
        kill `cat $PIDDIR/sshd.pid`
    fi
fi
------------------------------------------------------------

-- 
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
FreeBSD keltia.freenix.fr 2.2-CURRENT #1: Sun Jan 14 20:23:45 MET 1996
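
Added example, not part of the original message or of ssh itself: a small audit of the layout the message describes (config and host keys in $etcdir, nothing persistent in /var/run). The key file names ssh_host_key and ssh_host_key.pub, the function names, and the group/other permission check are assumptions added here.

```shell
#!/bin/sh
# Audit the ssh file layout described in the message above.
# usage: check_ssh_layout ROOT [ETCDIR] [PIDDIR]
#   ROOT is a path prefix: "" for the live system, or a scratch tree.
# Assumed names: ssh_host_key, ssh_host_key.pub (not given in the message).

# Succeeds when FILE grants no permission bits to group or other.
# Characters 5-10 of the ls mode string are the group and other triplets.
private_mode() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

check_ssh_layout() {
    root=$1 etcdir=${2:-/etc/ssh} piddir=${3:-/var/run}
    rc=0
    # Configuration and host keys are expected in $etcdir.
    for f in sshd_config ssh_host_key ssh_host_key.pub; do
        if [ ! -f "$root$etcdir/$f" ]; then
            echo "MISSING  $etcdir/$f"; rc=1
        fi
    done
    # Assumption added here: secret material is readable by its owner only.
    for f in ssh_host_key ssh_random_seed; do
        p=$root$etcdir/$f
        if [ -f "$p" ] && ! private_mode "$p"; then
            echo "EXPOSED  $etcdir/$f"; rc=1
        fi
    done
    # /var/run is cleaned at reboot, so keys and the seed must not live there.
    for f in ssh_host_key ssh_host_key.pub ssh_random_seed; do
        if [ -e "$root$piddir/$f" ]; then
            echo "VOLATILE $piddir/$f"; rc=1
        fi
    done
    return $rc
}

# Run the audit when arguments are given, e.g.: sh audit.sh "" /etc/ssh
if [ "$#" -gt 0 ]; then
    check_ssh_layout "$@"
fi
```

The function prints one line per finding and returns non-zero if any finding was reported.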