Annotation of src/usr.bin/ssh/ssh-keyscan.1, Revision 1.3.2.5
.\" $OpenBSD: ssh-keyscan.1,v 1.12 2001/09/05 06:23:07 deraadt Exp $
.\"
.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
.\"
.\" Modification and redistribution in source and binary forms is
.\" permitted provided that due credit is given to the author and the
.\" OpenBSD project by leaving this copyright notice intact.
.\"
.Dd January 1, 1996
.Dt SSH-KEYSCAN 1
.Os
.Sh NAME
.Nm ssh-keyscan
.Nd gather ssh public keys
.Sh SYNOPSIS
.Nm ssh-keyscan
.Op Fl v46
.Op Fl p Ar port
.Op Fl T Ar timeout
.Op Fl t Ar type
.Op Fl f Ar file
.Op Ar host | addrlist namelist
.Op Ar ...
.Sh DESCRIPTION
.Nm
is a utility for gathering the public ssh host keys of a number of
hosts.
It was designed to aid in building and verifying
.Pa ssh_known_hosts
files.
.Nm
provides a minimal interface suitable for use by shell and perl
scripts.
.Pp
.Nm
uses non-blocking socket I/O to contact as many hosts as possible in
parallel, so it is very efficient.
The keys from a domain of 1,000 hosts can be collected in tens of
seconds, even when some of those hosts are down or do not run ssh.
For scanning, one does not need login access to the machines that
are being scanned, nor does the scanning process involve any
encryption.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl p Ar port
Port to connect to on the remote host.
.It Fl T Ar timeout
Set the timeout for connection attempts.
If
.Pa timeout
seconds have elapsed since a connection was initiated to a host or since the
last time anything was read from that host, then the connection is
closed and the host in question considered unavailable.
Default is 5 seconds.
.It Fl t Ar type
Specifies the type of the key to fetch from the scanned hosts.
The possible values are
.Dq rsa1
for protocol version 1 and
.Dq rsa
or
.Dq dsa
for protocol version 2.
Multiple values may be specified by separating them with commas.
The default is
.Dq rsa1 .
.It Fl f Ar filename
Read hosts or
.Pa addrlist namelist
pairs from this file, one per line.
If
.Pa -
is supplied instead of a filename,
.Nm
will read hosts or
.Pa addrlist namelist
pairs from the standard input.
.It Fl v
Verbose mode.
Causes
.Nm
to print debugging messages about its progress.
.It Fl 4
Forces
.Nm
to use IPv4 addresses only.
.It Fl 6
Forces
.Nm
to use IPv6 addresses only.
.El
.Sh SECURITY
If an
.Pa ssh_known_hosts
file is constructed using
.Nm
without verifying the keys, users will be vulnerable to
.Em man in the middle
attacks.
On the other hand, if the security model allows such a risk,
.Nm
can help in the detection of tampered keyfiles or man in the middle
attacks which have begun after the
.Pa ssh_known_hosts
file was created.
.Sh EXAMPLES
Print the
.Pa rsa1
host key for machine
.Pa hostname :
.Bd -literal
ssh-keyscan hostname
.Ed
.Pp
Find all hosts from the file
.Pa ssh_hosts
which have new or different keys from those in the sorted file
.Pa ssh_known_hosts :
.Bd -literal
ssh-keyscan -t rsa,dsa -f ssh_hosts | \e\
sort -u - ssh_known_hosts | diff ssh_known_hosts -
.Ed
.Sh FILES
.Pa Input format:
.Bd -literal
1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
.Ed
.Pp
.Pa Output format for rsa1 keys:
.Bd -literal
host-or-namelist bits exponent modulus
.Ed
.Pp
.Pa Output format for rsa and dsa keys:
.Bd -literal
host-or-namelist keytype base64-encoded-key
.Ed
.Pp
Where
.Pa keytype
is either
.Dq ssh-rsa
or
.Dq ssh-dsa .
.Pp
.Pa /etc/ssh_known_hosts
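.Pp
An added example, not part of ssh-keyscan or OpenBSD, that carries out the
EXAMPLES and SECURITY workflow above in Python: it parses both output formats
documented in this section, expands a namelist into one entry per name, and
compares a rescan against the baseline ssh_known_hosts per host and key type so
that a changed key stands out from a merely new or unreachable host.
The host names and key strings are constructed sample data; the DSA entries use
the identifier ssh-dss, which is what OpenSSH actually emits for DSA keys.

```python
import base64

def parse_line(line):
    """Map one scan/known_hosts line to {(name, keytype): keydata}, expanding the namelist."""
    parts = line.split()
    if len(parts) == 3:  # rsa/dsa format: host-or-namelist keytype base64-encoded-key
        names, keytype, data = parts
        base64.b64decode(data, validate=True)  # raises binascii.Error on corrupted key material
    elif len(parts) == 4:  # rsa1 format: host-or-namelist bits exponent modulus
        names, keytype, data = parts[0], "rsa1", " ".join(parts[1:])
    else:
        raise ValueError("unrecognised line: %r" % line)
    return {(name, keytype): data for name in names.split(",")}

def parse_scan(text):
    """Parse a whole scan or ssh_known_hosts file; blank lines and '#' comments are skipped."""
    keys = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            keys.update(parse_line(line))
    return keys

def compare(baseline, fresh):
    """Status per (name, keytype): unchanged, new, CHANGED (tampering or MITM suspect) or missing."""
    report = {}
    for entry, data in fresh.items():
        if entry not in baseline:
            report[entry] = "new"
        elif baseline[entry] != data:
            report[entry] = "CHANGED"
        else:
            report[entry] = "unchanged"
    for entry in baseline:
        report.setdefault(entry, "missing")  # host down, not running ssh, or dropped from the list
    return report

# Constructed sample data, not real keys: the baseline recorded when the hosts were first
# verified, and a later rescan in which host1's DSA key differs and host3 is newly seen.
BASELINE = """\
host1.example.com,10.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQC0
host1.example.com,10.0.0.1 ssh-dss AAAAB3NzaC1kc3MAAAAB
host2.example.com 1024 35 1234567890123
"""
RESCAN = """\
host1.example.com,10.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQC0
host1.example.com,10.0.0.1 ssh-dss AAAAB3NzaC1kc3MAAAAC
host3.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQDf
"""
```

Feeding a real baseline and the output of ssh-keyscan -t rsa,dsa -f ssh_hosts to compare() gives a per-host verdict instead of the raw line diff in EXAMPLES, so a reordered namelist no longer shows up as a change.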
.Sh BUGS
It generates
.Dq Connection closed by remote host
messages on the consoles of all the machines it scans if the server is
older than version 2.9.
This is because it opens a connection to the ssh port, reads the public
key, and drops the connection as soon as it gets the key.
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr sshd 8
.Sh AUTHORS
David Mazieres <dm@lcs.mit.edu>
wrote the initial version, and
Wayne Davison <wayned@users.sourceforge.net>
added support for protocol version 2.