=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keyscan.1,v retrieving revision 1.14.4.1 retrieving revision 1.14.4.2 diff -u -r1.14.4.1 -r1.14.4.2 --- src/usr.bin/ssh/ssh-keyscan.1 2003/04/03 23:27:13 1.14.4.1 +++ src/usr.bin/ssh/ssh-keyscan.1 2003/09/16 21:20:28 1.14.4.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.14.4.1 2003/04/03 23:27:13 margarida Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.14.4.2 2003/09/16 21:20:28 brad Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -103,24 +103,6 @@ .Nm can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created. -.Sh EXAMPLES -.Pp -Print the -.Pa rsa1 -host key for machine -.Pa hostname : -.Bd -literal -$ ssh-keyscan hostname -.Ed -.Pp -Find all hosts from the file -.Pa ssh_hosts -which have new or different keys from those in the sorted file -.Pa ssh_known_hosts : -.Bd -literal -$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e\ - sort -u - ssh_known_hosts | diff ssh_known_hosts - -.Ed .Sh FILES .Pa Input format: .Bd -literal @@ -142,19 +124,36 @@ is either .Dq ssh-rsa or -.Dq ssh-dsa . +.Dq ssh-dss . .Pp .Pa /etc/ssh/ssh_known_hosts -.Sh BUGS -It generates "Connection closed by remote host" messages on the consoles -of all the machines it scans if the server is older than version 2.9. -This is because it opens a connection to the ssh port, reads the public -key, and drops the connection as soon as it gets the key. +.Sh EXAMPLES +Print the +.Pa rsa1 +host key for machine +.Pa hostname : +.Bd -literal +$ ssh-keyscan hostname +.Ed +.Pp +Find all hosts from the file +.Pa ssh_hosts +which have new or different keys from those in the sorted file +.Pa ssh_known_hosts : +.Bd -literal +$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e + sort -u - ssh_known_hosts | diff ssh_known_hosts - +.Ed .Sh SEE ALSO .Xr ssh 1 , .Xr sshd 8 .Sh AUTHORS -David Mazieres +.An David Mazieres Aq dm@lcs.mit.edu wrote the initial version, and -Wayne Davison +.An Wayne Davison Aq wayned@users.sourceforge.net added support for protocol version 2. +.Sh BUGS +It generates "Connection closed by remote host" messages on the consoles +of all the machines it scans if the server is older than version 2.9. +This is because it opens a connection to the ssh port, reads the public +key, and drops the connection as soon as it gets the key.