blob: 7c756dd1625447f1a749c25aa7cb2fe34c4860e0 [file] [log] [blame]
Ben Lindstroma238f6e2001-06-09 01:30:39 +00001.\" $OpenBSD: ssh-keyscan.1,v 1.6 2001/06/05 05:05:39 pvalchev Exp $
Ben Lindstromb22c2b82001-03-05 06:50:47 +00002.\"
3.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4.\"
5.\" Modification and redistribution in source and binary forms is
6.\" permitted provided that due credit is given to the author and the
Ben Lindstroma238f6e2001-06-09 01:30:39 +00007.\" OpenBSD project by leaving this copyright notice intact.
Ben Lindstrom36579d32001-01-29 07:39:26 +00008.\"
Ben Lindstromb6434ae2000-12-05 01:15:09 +00009.Dd January 1, 1996
Ben Lindstromb22c2b82001-03-05 06:50:47 +000010.Dt SSH-KEYSCAN 1
Ben Lindstromb6434ae2000-12-05 01:15:09 +000011.Os
12.Sh NAME
13.Nm ssh-keyscan
14.Nd gather ssh public keys
15.Sh SYNOPSIS
16.Nm ssh-keyscan
17.Op Fl t Ar timeout
18.Op Ar -- | host | addrlist namelist
19.Op Fl f Ar files ...
20.Sh DESCRIPTION
21.Nm
22is a utility for gathering the public ssh host keys of a number of
23hosts. It was designed to aid in building and verifying
24.Pa ssh_known_hosts
25files.
26.Nm
27provides a minimal interface suitable for use by shell and perl
28scripts.
29.Pp
30.Nm
31uses non-blocking socket I/O to contact as many hosts as possible in
32parallel, so it is very efficient. The keys from a domain of 1,000
33hosts can be collected in tens of seconds, even when some of those
34hosts are down or do not run ssh. You do not need login access to the
Ben Lindstromf73e05e2001-04-19 20:31:02 +000035machines you are scanning, nor does the scanning process involve
Ben Lindstromb6434ae2000-12-05 01:15:09 +000036any encryption.
37.Sh SECURITY
38If you make an ssh_known_hosts file using
39.Nm
40without verifying the keys, you will be vulnerable to
41.I man in the middle
42attacks.
43On the other hand, if your security model allows such a risk,
44.Nm
45can help you detect tampered keyfiles or man in the middle attacks which
46have begun after you created your ssh_known_hosts file.
47.Sh OPTIONS
48.Bl -tag -width Ds
49.It Fl t
50Set the timeout for connection attempts. If
51.Pa timeout
52seconds have elapsed since a connection was initiated to a host or since the
53last time anything was read from that host, then the connection is
54closed and the host in question considered unavailable. Default is 5
55seconds.
56.It Fl f
57Read hosts or
58.Pa addrlist namelist
59pairs from this file, one per line.
60If
61.Pa -
62is supplied instead of a filename,
63.Nm
64will read hosts or
65.Pa addrlist namelist
66pairs from the standard input.
Ben Lindstromd26dcf32001-01-06 15:18:16 +000067.El
Ben Lindstromb6434ae2000-12-05 01:15:09 +000068.Sh EXAMPLES
69.Pp
70Print the host key for machine
71.Pa hostname :
72.Bd -literal
73ssh-keyscan hostname
74.Ed
75.Pp
76Find all hosts from the file
77.Pa ssh_hosts
78which have new or different keys from those in the sorted file
79.Pa ssh_known_hosts :
80.Bd -literal
Ben Lindstromb22c2b82001-03-05 06:50:47 +000081$ ssh-keyscan -f ssh_hosts | sort -u - ssh_known_hosts | \e\
Ben Lindstromb6434ae2000-12-05 01:15:09 +000082 diff ssh_known_hosts -
83.Ed
84.Pp
85.Sh FILES
86.Pp
87.Pa Input format:
881.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
89.Pp
90.Pa Output format:
91host-or-namelist bits exponent modulus
92.Pp
93.Pa /etc/ssh_known_hosts
94.Sh BUGS
95It generates "Connection closed by remote host" messages on the consoles
96of all the machines it scans.
97This is because it opens a connection to the ssh port, reads the public
98key, and drops the connection as soon as it gets the key.
99.Sh SEE ALSO
Ben Lindstromb22c2b82001-03-05 06:50:47 +0000100.Xr ssh 1 ,
Ben Lindstromb6434ae2000-12-05 01:15:09 +0000101.Xr sshd 8
102.Sh AUTHOR
103David Mazieres <dm@lcs.mit.edu>