
Fetching SSH hostkeys without interaction

Keywords: ssh,keys,hostkeys
Contributor: self

Applies at least to OpenSSH.

To fetch the host keys for a server and write them to the known_hosts file (to avoid the yes/no prompt when the key isn't known yet), you can do:

ssh-keyscan -t rsa foo foo.example.com 1.2.3.4 >> ~/.ssh/known_hosts

This example queries the host keys for the very same machine, but under 3 different "names" (hostname, FQDN, IP), and appends the output to the known_hosts file.

Notes:

  • if done blindly, the known_hosts file may grow very large. It might be wise to check whether the key already exists first
  • if multiple keys for the same host exist in known_hosts, the first one is taken (which might be an old or wrong one)
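
One way to do the existence check from the notes above, as an added example that is not part of the original snippet: the hypothetical function add_hostkeys_once reads ssh-keyscan output on stdin, appends only host/key-type pairs that are not yet listed, and refuses to append a key that differs from the one already stored. It assumes unhashed known_hosts entries (no HashKnownHosts, no ssh-keyscan -H).

```shell
# Added example, not from the original page. add_hostkeys_once is a
# hypothetical helper name; it assumes unhashed known_hosts entries.
# Usage:
#   ssh-keyscan -t rsa foo foo.example.com 1.2.3.4 | add_hostkeys_once ~/.ssh/known_hosts
add_hostkeys_once() {
    kh=$1
    [ -f "$kh" ] || : > "$kh"
    rc=0
    # Each input line is "host keytype base64key"; the || clause keeps a
    # final line that lacks a trailing newline.
    while read -r host ktype key _ || [ -n "$host" ]; do
        case $host in ''|'#'*) continue ;; esac
        [ -n "$key" ] || continue
        # First stored key for this host and key type. The host field of a
        # known_hosts line may be a comma-separated list of names; comment
        # lines and @cert-authority/@revoked marker lines are skipped.
        known=$(awk -v h="$host" -v t="$ktype" '
            $1 !~ /^[#@]/ && $2 == t {
                n = split($1, names, ",")
                for (i = 1; i <= n; i++)
                    if (names[i] == h) { print $3; exit }
            }' "$kh")
        if [ -z "$known" ]; then
            printf '%s %s %s\n' "$host" "$ktype" "$key" >> "$kh"
            echo "added: $host $ktype" >&2
        elif [ "$known" = "$key" ]; then
            echo "unchanged: $host $ktype" >&2
        else
            # A second, different key would never be used (the first match
            # wins), and a changed key needs a human to look at it.
            echo "MISMATCH: $host $ktype differs from stored key, not appended" >&2
            rc=1
        fi
    done
    return $rc
}

# Constructed demo with placeholder key material (no network needed).
demo=$(mktemp)
printf 'foo ssh-rsa AAAAconstructedKey1\n' | add_hostkeys_once "$demo"
printf 'foo ssh-rsa AAAAconstructedKey1\n' | add_hostkeys_once "$demo"
printf 'foo ssh-rsa AAAAconstructedKey2\n' | add_hostkeys_once "$demo" ||
    echo "exit status 1: stored key kept" >&2
rm -f "$demo"
```

ssh-keyscan does not authenticate the keys it fetches, so compare the fingerprint shown by ssh-keygen -l -f against one obtained out of band before relying on a new entry. For hashed known_hosts files, ssh-keygen -F hostname is the lookup tool to use instead of the awk match.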

snipplets/ssh_fetchkeys.txt · Last modified: 2009/04/04 12:03 by thebonsai
GNU Free Documentation License 1.2