Annotation of src/usr.bin/ssh/ssh-keyscan.1, Revision 1.3.2.1
.\" $OpenBSD: ssh-keyscan.1,v 1.3 2001/01/29 01:58:18 niklas Exp $
.\"
.Dd January 1, 1996
.Dt SSH-KEYSCAN 1
.Os
.Sh NAME
.Nm ssh-keyscan
.Nd gather ssh public keys
.Sh SYNOPSIS
.Nm ssh-keyscan
.Op Fl t Ar timeout
.Op Ar -- | host | addrlist namelist
.Op Fl f Ar files ...
.Sh DESCRIPTION
.Nm
is a utility for gathering the public ssh host keys of a number of
hosts.
It was designed to aid in building and verifying
.Pa ssh_known_hosts
files.
.Nm
provides a minimal interface suitable for use by shell and perl
scripts.
.Pp
.Nm
uses non-blocking socket I/O to contact as many hosts as possible in
parallel, so it is very efficient.
The keys from a domain of 1,000 hosts can be collected in tens of seconds,
even when some of those hosts are down or do not run ssh.
You do not need login access to the machines you are scanning,
nor does the scanning process involve any encryption.
.Sh SECURITY
If you build an
.Pa ssh_known_hosts
file using
.Nm
without independently verifying the keys it collected, you will be
vulnerable to
.Em man in the middle
attacks.
On the other hand, if your security model allows such a risk,
.Nm
can help you detect tampered keyfiles or man in the middle attacks which
have begun after you created your
.Pa ssh_known_hosts
file.
.Sh OPTIONS
.Bl -tag -width Ds
.It Fl t Ar timeout
Set the timeout for connection attempts.
If
.Ar timeout
seconds have elapsed since a connection was initiated to a host or since the
last time anything was read from that host, then the connection is
closed and the host in question considered unavailable.
Default is 5 seconds.
.It Fl f Ar file
Read hosts or
.Ar addrlist namelist
pairs from this file, one per line.
If
.Pa -
is supplied instead of a filename,
.Nm
will read hosts or
.Ar addrlist namelist
pairs from the standard input.
.El
.Sh EXAMPLES
Print the host key for machine
.Ar hostname :
.Bd -literal
ssh-keyscan hostname
.Ed
.Pp
Find all hosts from the file
.Pa ssh_hosts
which have new or different keys from those in the sorted file
.Pa ssh_known_hosts :
.Bd -literal
ssh-keyscan -f ssh_hosts | sort -u - ssh_known_hosts | \e
    diff ssh_known_hosts -
.Ed
.Sh FILES
.Sy Input format:
.Bd -literal
1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
.Ed
.Pp
The first field is the
.Ar addrlist
of addresses to connect to and the second the
.Ar namelist
recorded with the key.
.Pp
.Sy Output format
(the fields of a protocol 1 RSA host key):
.Bd -literal
host-or-namelist bits exponent modulus
.Ed
.Pp
.Pa /etc/ssh_known_hosts
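The sort/diff pipeline in EXAMPLES lists every line that is not already in the known hosts file, which lumps together hosts never seen before and hosts whose key has changed since the file was built; only the second kind is the symptom the SECURITY section warns about. The following Python script is an added example, not part of this manual page or of OpenSSH: it parses the "host-or-namelist bits exponent modulus" line format documented above for both files and reports each scanned host as new, unchanged or changed. The hostnames, addresses and key values in it are constructed for illustration and are not real keys.

```python
"""Compare ssh-keyscan output with an existing ssh_known_hosts file.

Added example; not part of ssh-keyscan or OpenSSH.  Both inputs use the
protocol 1 line format "host-or-namelist bits exponent modulus".
"""
from typing import Dict, List, Optional, Tuple

Key = Tuple[int, int, int]      # (bits, exponent, modulus)
Entry = Tuple[List[str], Key]   # (names the line applies to, key)

# Constructed sample data.  Names, addresses and numbers are invented and far
# too small to be real RSA keys; they only exercise the comparison logic.
KNOWN_HOSTS = """\
# comment lines and blank lines are ignored

alpha.my.domain,alpha,1.2.3.4 1024 35 8765432109876543210987654321
beta.my.domain,beta,1.2.3.5 1024 35 1122334455667788990011223344
gamma.my.domain,1.2.3.6 1024 35 9988776655443322110099887766
"""

# What a scan of alpha, beta and delta might return: alpha unchanged,
# beta answering with a different modulus, delta not in the file at all.
SCANNED = """\
alpha.my.domain,alpha,1.2.3.4 1024 35 8765432109876543210987654321
beta.my.domain,beta,1.2.3.5 1024 35 5555555555555555555555555555
delta.my.domain,1.2.3.7 1024 35 1212121212121212121212121212
"""


def parse_line(line: str) -> Optional[Entry]:
    """Parse one 'names bits exponent modulus' line; None for blank/comment."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return None
    fields = line.split()
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields, got {len(fields)}: {line!r}")
    names = [n for n in fields[0].split(",") if n]
    bits, exponent, modulus = (int(f) for f in fields[1:])
    if not names or bits <= 0 or exponent <= 0 or modulus <= 0:
        raise ValueError(f"malformed key line: {line!r}")
    return names, (bits, exponent, modulus)


def parse(text: str) -> List[Entry]:
    """Parse a whole file, skipping blank and comment lines."""
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def index_by_name(entries: List[Entry]) -> Dict[str, Key]:
    """Map every name or address in each namelist to that line's key."""
    index: Dict[str, Key] = {}
    for names, key in entries:
        for name in names:
            index[name] = key
    return index


def compare(known_text: str, scanned_text: str) -> Dict[str, List[str]]:
    """Classify each scanned host as new, unchanged or changed.

    A scanned host matches a known entry if any name or address in its
    namelist already appears in the file.  'changed' covers a differing key
    and also the case where the file holds conflicting keys for the host.
    Hosts that did not answer the scan produce no line and are not reported.
    """
    known = index_by_name(parse(known_text))
    result: Dict[str, List[str]] = {"new": [], "unchanged": [], "changed": []}
    for names, key in parse(scanned_text):
        known_keys = {known[n] for n in names if n in known}
        if not known_keys:
            result["new"].append(names[0])
        elif known_keys == {key}:
            result["unchanged"].append(names[0])
        else:
            result["changed"].append(names[0])
    return result


if __name__ == "__main__":
    for status, hosts in compare(KNOWN_HOSTS, SCANNED).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

The "changed" list is the one to investigate before touching the file: a key that differs from the one recorded earlier is exactly what a tampered keyfile or an interception started after the file was built looks like, whereas a "new" host merely lacks an entry and still needs its key verified by other means. Like the sort/diff pipeline, this says nothing about hosts that were unreachable during the scan.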
.Sh BUGS
It generates
.Dq Connection closed by remote host
messages on the consoles of all the machines it scans.
This is because it opens a connection to the ssh port, reads the public
key, and drops the connection as soon as it gets the key.
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr sshd 8
.Sh AUTHOR
David Mazieres <dm@lcs.mit.edu>