There are many differences among the current crop of SSH implementations: features that aren't dictated by the protocols, but are simply inclusions or omissions by the software authors. Here we discuss a few implementation-dependent features of various products:
Authorization in hostbased authentication
SSH-1 backward compatibility
SSH host keys are long-term asymmetric keys that distinguish and identify hosts running SSH, or instances of the SSH server, depending on the SSH implementation. This happens in two places in the SSH protocol:
Server authentication verifying the server host's identity to connecting clients. This process occurs for every SSH connection.
Authentication of a client host to the server; used only during RhostsRSA or hostbased user authentication.
Unfortunately, the term "host key" is confusing. It implies that only one such key may belong to a given host. This is true for client authentication but not for server authentication, because multiple SSH servers may run on a single machine, each with a different identifying key. This so-called "host key" actually identifies a running instance of the SSH server program, not a machine.
OpenSSH maintains a single database serving both server authentication and client authentication. It is the union of the system's known_hosts file (/etc/ssh/ssh_known_hosts), together with the user's ~/.ssh/known_hosts file on either the source machine (for ...