ssh-keyscan command is a utility for collecting public host keys from a number of hosts. It is typically used for adding public keys to a known_hosts file, which is used to verify the identity of hosts that a user connects to via SSH. This command is also used to gather public keys for use in other applications, such as automated deployment scripts.
The basic syntax for the
ssh-keyscan command is as follows:
ssh-keyscan [options] hostname
The command will connect to the specified
hostname and retrieve the public host key. By default, the public key is printed to standard output. If you want to add the key to your known_hosts file, you can redirect the output to the file using the
Here is an example of using
ssh-keyscan to retrieve the public key for a host:
This will output the public key for
example.com to the terminal.
You can also specify multiple hostnames on the command line to retrieve public keys for multiple hosts:
ssh-keyscan example.com example.net example.org
This will output the public keys for
example.org to the terminal.
If you want to retrieve the public key for a host on a non-standard port, you can specify the port number using the
ssh-keyscan -p 2222 example.com
This will retrieve the public key for
example.com on port 2222.
The following table lists the available options for the
||Specifies the port number to use when connecting to the host.|
||Sets the timeout for the connection attempt.|
||Specifies the type of key to retrieve. Valid types are
||Verbose mode. Prints debugging information to standard error.|
- If you are having trouble retrieving the public key for a host, make sure that the host is running an SSH server and that it is configured to allow connections from your machine.
- If you are having trouble adding the public key to your known_hosts file, make sure that the file exists and that you have permission to write to it.
- If you are having trouble with the syntax of the command, refer to the
ssh-keyscanfor more information.
ssh-keyscancommand is typically used in scripts and other automated processes to retrieve public keys for multiple hosts.
ssh-keyscancommand does not perform any authentication or encryption. It simply retrieves the public key for a host and prints it to standard output.