SSH - Check known_hosts file using the ssh-keygen command

The ssh-keygen command with the -F option can be used to determine whether a known_hosts file contains a certain hostname. (The -F option belongs to ssh-keygen; ssh-keyscan has no -F option.) The -f option names the known_hosts file to search. For example, let's say /home/john.doe/.ssh/known_hosts contains the following.

server1.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHXIAfxTJu1y7QdQNrk6xh41FH1fqIVbG2Skvhx49PDfvm5pCdiyHqPP0pcyM7UGJOAPazKNENGZtqmnH8CUDo0=

In this example, the following ssh-keygen command should state that the known_hosts file does contain "server1.example.com".

~]# ssh-keygen -F server1.example.com -f /home/john.doe/.ssh/known_hosts
# Host server1.example.com found: line 1
server1.example.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHXIAfxTJu1y7QdQNrk6xh41FH1fqIVbG2Skvhx49PDfvm5pCdiyHqPP0pcyM7UGJOAPazKNENGZtqmnH8CUDo0=

On the other hand, the following command should return no output, meaning the known_hosts file does not contain "bogus.example.com".

~]# ssh-keygen -F bogus.example.com -f /home/john.doe/.ssh/known_hosts
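The -F lookup shown above also has to match entries written with HashKnownHosts enabled, where the hostname is stored as |1|salt|HMAC-SHA1 and a plain text search finds nothing. The following Python sketch is an added example, not code from this article or from OpenSSH; it reimplements only exact-name and hashed matching (no wildcards, negation or [host]:port handling), and the second hostname, salt and key placeholders are constructed sample values.

```python
import base64
import hashlib
import hmac


def hash_host(hostname, salt):
    """Build a hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, name))."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())


def host_field_matches(field, hostname):
    """True if one known_hosts host field names the hostname (plain or hashed)."""
    if field.startswith("|1|"):
        try:
            _, _, salt_b64, mac_b64 = field.split("|")
            salt = base64.b64decode(salt_b64)
            expected = base64.b64decode(mac_b64)
        except ValueError:
            return False  # malformed hashed entry
        actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(actual, expected)
    # Plain entries may list several names separated by commas.
    return hostname in field.split(",")


def find_host(known_hosts_text, hostname):
    """Return (line_number, line) for every entry that names the hostname."""
    hits = []
    for number, line in enumerate(known_hosts_text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Skip an optional @cert-authority / @revoked marker.
        marked = fields[0].startswith("@") and len(fields) > 1
        if host_field_matches(fields[1] if marked else fields[0], hostname):
            hits.append((number, line))
    return hits


# Constructed sample: line 1 is a plain entry, line 2 is a hashed entry.
SAMPLE = "\n".join([
    "server1.example.com ecdsa-sha2-nistp256 CONSTRUCTED_KEY_PLACEHOLDER_1",
    hash_host("server2.example.com", b"constructed-salt-20b")
    + " ssh-ed25519 CONSTRUCTED_KEY_PLACEHOLDER_2",
])

if __name__ == "__main__":
    for name in ("server1.example.com", "server2.example.com", "bogus.example.com"):
        print(name, [number for number, _ in find_host(SAMPLE, name)])
```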

 

 

 



