summaryrefslogtreecommitdiff
path: root/ssh-keyscan.1
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2003-06-11 22:04:39 +1000
committerDamien Miller <djm@mindrot.org>2003-06-11 22:04:39 +1000
commitf1ce505daf3ab14b42aa1eba41272fa103d3f4d0 (patch)
tree74487974ae0cdb719b6ef76302408119b4a705c7 /ssh-keyscan.1
parent78f2e5ca98e36fa9e87e967243aedacde8d64156 (diff)
- jmc@cvs.openbsd.org 2003/06/10 09:12:11
[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5] [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8] - section reorder - COMPATIBILITY merge - macro cleanup - kill whitespace at EOL - new sentence, new line ssh pages ok markus@
Diffstat (limited to 'ssh-keyscan.1')
-rw-r--r--ssh-keyscan.151
1 files changed, 25 insertions, 26 deletions
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1
index 6d27569e..572751f6 100644
--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keyscan.1,v 1.16 2003/05/12 18:35:18 markus Exp $
+.\" $OpenBSD: ssh-keyscan.1,v 1.17 2003/06/10 09:12:11 jmc Exp $
.\"
.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
.\"
@@ -103,24 +103,6 @@ On the other hand, if the security model allows such a risk,
.Nm
can help in the detection of tampered keyfiles or man in the middle
attacks which have begun after the ssh_known_hosts file was created.
-.Sh EXAMPLES
-.Pp
-Print the
-.Pa rsa1
-host key for machine
-.Pa hostname :
-.Bd -literal
-$ ssh-keyscan hostname
-.Ed
-.Pp
-Find all hosts from the file
-.Pa ssh_hosts
-which have new or different keys from those in the sorted file
-.Pa ssh_known_hosts :
-.Bd -literal
-$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e\
- sort -u - ssh_known_hosts | diff ssh_known_hosts -
-.Ed
.Sh FILES
.Pa Input format:
.Bd -literal
@@ -145,16 +127,33 @@ or
.Dq ssh-dss .
.Pp
.Pa /etc/ssh/ssh_known_hosts
-.Sh BUGS
-It generates "Connection closed by remote host" messages on the consoles
-of all the machines it scans if the server is older than version 2.9.
-This is because it opens a connection to the ssh port, reads the public
-key, and drops the connection as soon as it gets the key.
+.Sh EXAMPLES
+Print the
+.Pa rsa1
+host key for machine
+.Pa hostname :
+.Bd -literal
+$ ssh-keyscan hostname
+.Ed
+.Pp
+Find all hosts from the file
+.Pa ssh_hosts
+which have new or different keys from those in the sorted file
+.Pa ssh_known_hosts :
+.Bd -literal
+$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e
+ sort -u - ssh_known_hosts | diff ssh_known_hosts -
+.Ed
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr sshd 8
.Sh AUTHORS
-David Mazieres <dm@lcs.mit.edu>
+.An David Mazieres Aq dm@lcs.mit.edu
wrote the initial version, and
-Wayne Davison <wayned@users.sourceforge.net>
+.An Wayne Davison Aq wayned@users.sourceforge.net
added support for protocol version 2.
+.Sh BUGS
+It generates "Connection closed by remote host" messages on the consoles
+of all the machines it scans if the server is older than version 2.9.
+This is because it opens a connection to the ssh port, reads the public
+key, and drops the connection as soon as it gets the key.