Annotation of src/usr.bin/ssh/ssh-keyscan.1, Revision 1.7
1.7 ! mpech 1: .\" $OpenBSD: ssh-keyscan.1,v 1.6 2001/06/05 05:05:39 pvalchev Exp $
1.4 deraadt 2: .\"
3: .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4: .\"
5: .\" Modification and redistribution in source and binary forms is
6: .\" permitted provided that due credit is given to the author and the
1.6 pvalchev 7: .\" OpenBSD project by leaving this copyright notice intact.
1.3 niklas 8: .\"
1.1 markus 9: .Dd January 1, 1996
1.4 deraadt 10: .Dt SSH-KEYSCAN 1
1.1 markus 11: .Os
12: .Sh NAME
13: .Nm ssh-keyscan
14: .Nd gather ssh public keys
15: .Sh SYNOPSIS
16: .Nm ssh-keyscan
17: .Op Fl t Ar timeout
18: .Op Ar -- | host | addrlist namelist
19: .Op Fl f Ar files ...
20: .Sh DESCRIPTION
21: .Nm
22: is a utility for gathering the public ssh host keys of a number of
23: hosts. It was designed to aid in building and verifying
24: .Pa ssh_known_hosts
25: files.
26: .Nm
27: provides a minimal interface suitable for use by shell and perl
28: scripts.
29: .Pp
30: .Nm
31: uses non-blocking socket I/O to contact as many hosts as possible in
32: parallel, so it is very efficient. The keys from a domain of 1,000
33: hosts can be collected in tens of seconds, even when some of those
34: hosts are down or do not run ssh. You do not need login access to the
1.5 ian 35: machines you are scanning, nor does the scanning process involve
1.1 markus 36: any encryption.
37: .Sh SECURITY
38: If you make an ssh_known_hosts file using
39: .Nm
40: without verifying the keys, you will be vulnerable to
41: .I man in the middle
42: attacks.
43: On the other hand, if your security model allows such a risk,
44: .Nm
45: can help you detect tampered keyfiles or man in the middle attacks which
46: have begun after you created your ssh_known_hosts file.
47: .Sh OPTIONS
48: .Bl -tag -width Ds
49: .It Fl t
50: Set the timeout for connection attempts. If
51: .Pa timeout
52: seconds have elapsed since a connection was initiated to a host or since the
53: last time anything was read from that host, then the connection is
54: closed and the host in question considered unavailable. Default is 5
55: seconds.
56: .It Fl f
57: Read hosts or
58: .Pa addrlist namelist
59: pairs from this file, one per line.
60: If
61: .Pa -
62: is supplied instead of a filename,
63: .Nm
64: will read hosts or
65: .Pa addrlist namelist
66: pairs from the standard input.
1.2 itojun 67: .El
1.1 markus 68: .Sh EXAMPLES
69: Print the host key for machine
70: .Pa hostname :
71: .Bd -literal
72: ssh-keyscan hostname
73: .Ed
74: .Pp
75: Find all hosts from the file
76: .Pa ssh_hosts
77: which have new or different keys from those in the sorted file
78: .Pa ssh_known_hosts :
79: .Bd -literal
1.4 deraadt 80: $ ssh-keyscan -f ssh_hosts | sort -u - ssh_known_hosts | \e\
1.1 markus 81: diff ssh_known_hosts -
82: .Ed
83: .Sh FILES
84: .Pa Input format:
85: 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
86: .Pp
87: .Pa Output format:
88: host-or-namelist bits exponent modulus
89: .Pp
90: .Pa /etc/ssh_known_hosts
91: .Sh BUGS
92: It generates "Connection closed by remote host" messages on the consoles
93: of all the machines it scans.
94: This is because it opens a connection to the ssh port, reads the public
95: key, and drops the connection as soon as it gets the key.
96: .Sh SEE ALSO
1.4 deraadt 97: .Xr ssh 1 ,
1.1 markus 98: .Xr sshd 8
1.7 ! mpech 99: .Sh AUTHORS
1.1 markus 100: David Mazieres <dm@lcs.mit.edu>