diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index 960b6bc08d3c..88faca181a55 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -1,4 +1,4 @@
-#	$NetBSD: rc.conf,v 1.29 2002/02/21 19:59:09 garbled Exp $
+#	$NetBSD: rc.conf,v 1.30 2002/02/24 12:50:08 lukem Exp $
 #
 # /etc/defaults/rc.conf --
 #	default configuration of /etc/rc.conf
@@ -148,6 +148,7 @@ sendmail=NO		sendmail_flags="-bd -q30m"
 postfix=NO
 lpd=NO			lpd_flags="-s"		# -s "secure" unix domain only
 sshd=NO			sshd_flags=""
+			sshd_conf_dir="/etc"	# directory for sshd conf files
 
 # To run the named(8) DNS server as an unprivileged user under a
 # chroot(2) cage, uncomment the following after migrating the contents
diff --git a/etc/rc.d/sshd b/etc/rc.d/sshd
index 40caab0171de..509924a1f8a4 100755
--- a/etc/rc.d/sshd
+++ b/etc/rc.d/sshd
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: sshd,v 1.12 2001/04/25 23:27:37 lukem Exp $
+# $NetBSD: sshd,v 1.13 2002/02/24 12:50:09 lukem Exp $
 #
 
 # PROVIDE: sshd
@@ -12,41 +12,42 @@ name="sshd"
 rcvar=$name
 command="/usr/sbin/${name}"
 pidfile="/var/run/${name}.pid"
-required_files="/etc/${name}.conf"
+load_rc_config $name
+required_files="${sshd_conf_dir}/${name}.conf"
 extra_commands="keygen reload"
 
 sshd_keygen()
 {
 	(
 	umask 022
-	if [ -f /etc/ssh_host_key ]; then
-		echo "You already have an RSA host key in /etc/ssh_host_key"
+	if [ -f ${sshd_conf_dir}/ssh_host_key ]; then
+		echo "You already have an RSA host key in ${sshd_conf_dir}/ssh_host_key"
 		echo "Skipping protocol version 1 RSA Key Generation"
 	else
-		/usr/bin/ssh-keygen -t rsa1 -b 1024 -f /etc/ssh_host_key -N ''
+		/usr/bin/ssh-keygen -t rsa1 -b 1024 -f ${sshd_conf_dir}/ssh_host_key -N ''
 	fi
 
-	if [ -f /etc/ssh_host_dsa_key ]; then
-		echo "You already have a DSA host key in /etc/ssh_host_dsa_key"
+	if [ -f ${sshd_conf_dir}/ssh_host_dsa_key ]; then
+		echo "You already have a DSA host key in ${sshd_conf_dir}/ssh_host_dsa_key"
 		echo "Skipping protocol version 2 DSA Key Generation"
 	else
-		/usr/bin/ssh-keygen -t dsa -f /etc/ssh_host_dsa_key -N ''
+		/usr/bin/ssh-keygen -t dsa -f ${sshd_conf_dir}/ssh_host_dsa_key -N ''
 	fi
 
-	if [ -f /etc/ssh_host_rsa_key ]; then
-		echo "You already have a RSA host key in /etc/ssh_host_rsa_key"
+	if [ -f ${sshd_conf_dir}/ssh_host_rsa_key ]; then
+		echo "You already have a RSA host key in ${sshd_conf_dir}/ssh_host_rsa_key"
 		echo "Skipping protocol version 2 RSA Key Generation"
 	else
-		/usr/bin/ssh-keygen -t rsa -f /etc/ssh_host_rsa_key -N ''
+		/usr/bin/ssh-keygen -t rsa -f ${sshd_conf_dir}/ssh_host_rsa_key -N ''
 	fi
 	)
 }
 
 sshd_precmd()
 {
-	if [ ! -f /etc/ssh_host_key -o ! -f /etc/ssh_host_dsa_key -o \
-	     ! -f /etc/ssh_host_rsa_key ]; then
-		/etc/rc.d/sshd keygen
+	if [ ! -f ${sshd_conf_dir}/ssh_host_key -o ! -f ${sshd_conf_dir}/ssh_host_dsa_key -o \
+	     ! -f ${sshd_conf_dir}/ssh_host_rsa_key ]; then
+		$0 keygen
 	fi
 }