Files used by the Secure Shell Client

The following files are used by the Reflection for Secure IT Secure Shell client.

User-specific Secure Shell files

These files affect Secure Shell connections for the user currently logged into Windows. They are located in the user .ssh folder.

Reflection stores Secure Shell information for individual users in the following location in the Windows personal documents folder:

Windows XP, Windows Server 2003:
\Documents and Settings\username\My Documents\Attachmate\Reflection\.ssh

Windows 7, Windows Vista, Windows Server 2008:
\Users\username\Documents\Attachmate\Reflection\.ssh

Comparable files are placed in the $HOME directory on UNIX systems.

config

User configuration file. This file contains Secure Shell settings organized by SSH configuration schemes. The contents of this file are updated each time you change settings using the Reflection Secure Shell Settings dialog box. You can also edit this file manually in any text editor. The Configuration file keyword reference topics list the keywords supported by the Reflection Secure Shell Client.

known_hosts

Reflection automatically updates this file when you update the Trusted Host Keys list in the Host Keys tab of the Secure Shell settings dialog box, or when you connect to a previously unknown host and answer Always in response to the Host Key Authenticity prompt.

System-wide Secure Shell files

These files affect Secure Shell connections for all users of the computer. They must be manually created and placed in the the Reflection application data folder.

Reflection stores Secure Shell information that is available to all users in the the following location:

Windows XP, Windows Server 2003:
\Documents and Settings\all users\Application Data\Attachmate\Reflection

Windows 7, Windows Vista, Windows Server 2008:
\ProgramData\Attachmate\Reflection

ssh_config

System wide configuration file. This file provides machine-wide defaults for those values that are not specified in the user configuration file.

ssh_known_hosts

System-wide list of known host keys. This file should contain the public host keys of all computers in the organization. This file contains public keys, one per line, in the following format (fields separated by spaces): system name, public key, and optional comment field. When different names are used for the same computer, all such names should be listed, separated by commas. The canonical system name (as returned by name servers) is used to verify the client host when a user logs in; other names are needed because Secure Shell does not convert the user-supplied name to a canonical name before checking the key, because someone with access to the name servers would then be able to fool host authentication. Keys in this list can be viewed, but not edited in the Global Host Keys list in the Host Keys tab of the Secure Shell settings dialog box.

Note: You can configure an alternate location for the host key database by configuring the GlobalKnownHostsFile keyword in the configuration file.

Files used by Reflection for PKI support

These files are used when you have configured Reflection to authenticate using PKI (Public Key Infrastructure). These files are located in the user .pki folder:

pki_config

Stores settings you configure using the Reflection Certificate Manager. These settings are used by all Reflection sessions.

trust_store.p12

PKCS (Public Key Cryptography Standards) is a set of standards devised and published by RSA laboratories that enable compatibility among public key cryptography implementations.

Different PKCS standards identify specifications for particular cryptographic uses, for example:

PKCS#7 can be used to sign and/or encrypt messages. It can also be used to store certificates and to disseminate certificates (for instance as a response to a PKCS#10 message).
PKCS#10 is a certification request syntax.
PKCS#11 is a programming interface used for cryptographic hardware tokens.
PKCS#12 defines the personal information exchange syntax used for storage and transportation of certificates and associated private keys. Files in this format typically use a *.pfx or *.p12 extension.

identity_store.p12

cert_cache

The Intermediate root certificates cache. You can clear the cache by deleting this file.

crl_cache

The CRL (Certificate Revocation List) cache. You can clear the cache by deleting this file.