Annotation of src/usr.bin/ssh/ssh-keyscan.1, Revision 1.6
1.6 ! pvalchev 1: .\" $OpenBSD: ssh-keyscan.1,v 1.5 2001/04/18 16:21:05 ian Exp $
1.4 deraadt 2: .\"
3: .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4: .\"
5: .\" Modification and redistribution in source and binary forms is
6: .\" permitted provided that due credit is given to the author and the
1.6 ! pvalchev 7: .\" OpenBSD project by leaving this copyright notice intact.
1.3 niklas 8: .\"
1.1 markus 9: .Dd January 1, 1996
1.4 deraadt 10: .Dt SSH-KEYSCAN 1
1.1 markus 11: .Os
12: .Sh NAME
13: .Nm ssh-keyscan
14: .Nd gather ssh public keys
15: .Sh SYNOPSIS
16: .Nm ssh-keyscan
17: .Op Fl t Ar timeout
18: .Op Ar -- | host | addrlist namelist
19: .Op Fl f Ar files ...
20: .Sh DESCRIPTION
21: .Nm
22: is a utility for gathering the public ssh host keys of a number of
23: hosts. It was designed to aid in building and verifying
24: .Pa ssh_known_hosts
25: files.
26: .Nm
27: provides a minimal interface suitable for use by shell and perl
28: scripts.
29: .Pp
30: .Nm
31: uses non-blocking socket I/O to contact as many hosts as possible in
32: parallel, so it is very efficient. The keys from a domain of 1,000
33: hosts can be collected in tens of seconds, even when some of those
34: hosts are down or do not run ssh. You do not need login access to the
1.5 ian 35: machines you are scanning, nor does the scanning process involve
1.1 markus 36: any encryption.
37: .Sh SECURITY
38: If you make an ssh_known_hosts file using
39: .Nm
40: without verifying the keys, you will be vulnerable to
41: .I man in the middle
42: attacks.
43: On the other hand, if your security model allows such a risk,
44: .Nm
45: can help you detect tampered keyfiles or man in the middle attacks which
46: have begun after you created your ssh_known_hosts file.
47: .Sh OPTIONS
48: .Bl -tag -width Ds
49: .It Fl t
50: Set the timeout for connection attempts. If
51: .Pa timeout
52: seconds have elapsed since a connection was initiated to a host or since the
53: last time anything was read from that host, then the connection is
54: closed and the host in question considered unavailable. Default is 5
55: seconds.
56: .It Fl f
57: Read hosts or
58: .Pa addrlist namelist
59: pairs from this file, one per line.
60: If
61: .Pa -
62: is supplied instead of a filename,
63: .Nm
64: will read hosts or
65: .Pa addrlist namelist
66: pairs from the standard input.
1.2 itojun 67: .El
1.1 markus 68: .Sh EXAMPLES
69: .Pp
70: Print the host key for machine
71: .Pa hostname :
72: .Bd -literal
73: ssh-keyscan hostname
74: .Ed
75: .Pp
76: Find all hosts from the file
77: .Pa ssh_hosts
78: which have new or different keys from those in the sorted file
79: .Pa ssh_known_hosts :
80: .Bd -literal
1.4 deraadt 81: $ ssh-keyscan -f ssh_hosts | sort -u - ssh_known_hosts | \e\
1.1 markus 82: diff ssh_known_hosts -
83: .Ed
84: .Pp
85: .Sh FILES
86: .Pp
87: .Pa Input format:
88: 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
89: .Pp
90: .Pa Output format:
91: host-or-namelist bits exponent modulus
92: .Pp
93: .Pa /etc/ssh_known_hosts
94: .Sh BUGS
95: It generates "Connection closed by remote host" messages on the consoles
96: of all the machines it scans.
97: This is because it opens a connection to the ssh port, reads the public
98: key, and drops the connection as soon as it gets the key.
99: .Sh SEE ALSO
1.4 deraadt 100: .Xr ssh 1 ,
1.1 markus 101: .Xr sshd 8
102: .Sh AUTHOR
103: David Mazieres <dm@lcs.mit.edu>