| version 1.14, 2002/02/13 08:33:47 |
version 1.14.6.1, 2003/05/11 12:01:52 |
|
|
| .Nd gather ssh public keys |
.Nd gather ssh public keys |
| .Sh SYNOPSIS |
.Sh SYNOPSIS |
| .Nm ssh-keyscan |
.Nm ssh-keyscan |
| |
.Bk -words |
| .Op Fl v46 |
.Op Fl v46 |
| .Op Fl p Ar port |
.Op Fl p Ar port |
| .Op Fl T Ar timeout |
.Op Fl T Ar timeout |
|
|
| .Op Fl f Ar file |
.Op Fl f Ar file |
| .Op Ar host | addrlist namelist |
.Op Ar host | addrlist namelist |
| .Op Ar ... |
.Op Ar ... |
| |
.Ek |
| .Sh DESCRIPTION |
.Sh DESCRIPTION |
| .Nm |
.Nm |
| is a utility for gathering the public ssh host keys of a number of |
is a utility for gathering the public ssh host keys of a number of |
| hosts. It was designed to aid in building and verifying |
hosts. |
| |
It was designed to aid in building and verifying |
| .Pa ssh_known_hosts |
.Pa ssh_known_hosts |
| files. |
files. |
| .Nm |
.Nm |
|
|
| .Pp |
.Pp |
| .Nm |
.Nm |
| uses non-blocking socket I/O to contact as many hosts as possible in |
uses non-blocking socket I/O to contact as many hosts as possible in |
| parallel, so it is very efficient. The keys from a domain of 1,000 |
parallel, so it is very efficient. |
| |
The keys from a domain of 1,000 |
| hosts can be collected in tens of seconds, even when some of those |
hosts can be collected in tens of seconds, even when some of those |
| hosts are down or do not run ssh. For scanning, one does not need |
hosts are down or do not run ssh. |
| |
For scanning, one does not need |
| login access to the machines that are being scanned, nor does the |
login access to the machines that are being scanned, nor does the |
| scanning process involve any encryption. |
scanning process involve any encryption. |
| .Pp |
.Pp |
|
|
| .It Fl p Ar port |
.It Fl p Ar port |
| Port to connect to on the remote host. |
Port to connect to on the remote host. |
| .It Fl T Ar timeout |
.It Fl T Ar timeout |
| Set the timeout for connection attempts. If |
Set the timeout for connection attempts. |
| |
If |
| .Pa timeout |
.Pa timeout |
| seconds have elapsed since a connection was initiated to a host or since the |
seconds have elapsed since a connection was initiated to a host or since the |
| last time anything was read from that host, then the connection is |
last time anything was read from that host, then the connection is |
| closed and the host in question considered unavailable. Default is 5 |
closed and the host in question considered unavailable. |
| seconds. |
Default is 5 seconds. |
| .It Fl t Ar type |
.It Fl t Ar type |
| Specifies the type of the key to fetch from the scanned hosts. |
Specifies the type of the key to fetch from the scanned hosts. |
| The possible values are |
The possible values are |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keyscan.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh