Linux Commands - ssh-keyscan command (get SSH keys)


The ssh-keyscan command can be used to get an SSH server's public host keys. In this example, the public host keys from server1.example.com will be returned.

ssh-keyscan server1.example.com

 

Better yet, scan with both the DNS name and IP address of the target server.

ssh-keyscan server1.example.com,10.17.114.58

 

The prior command should produce output like this. Notice there are two keys: one is the ECDSA key, and the other is the ED25519 key.

server1.example.com,10.17.114.58 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHXIAfxTJu1y7QdQNrk6xh41FH1fqIVbG2Skvhx49PDfvm5pCdiyHqPP0pcyM7UGJOAPazKNENGZtqmnH8CUDo0=
server1.example.com,10.17.114.58 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMwKQuwRNdPMrcw6keHLMiVwPJWvy0XVqaybWxqQQ5ll

 

If you want to get a certain type of key, the -t option can be used. The following types can be used.

  • ecdsa
  • ed25519
  • dsa
  • rsa
  • rsa1

ssh-keyscan -t ecdsa server1.example.com,10.17.114.58

 

You can also search for multiple types, separated by a comma.

ssh-keyscan -t ecdsa,ed25519 server1.example.com,10.17.114.58

 

By default, the SSH connection will be made on port 22. If the target system is listening for SSH connections on some other port, the -p option can be used. 

ssh-keyscan -p 12345 server1.example.com,10.17.114.58

 

Often, this command is used to append the public host keys from an SSH server to your known_hosts file, so that you are not presented with the following message when attempting to make an SSH connection to the SSH server.

~]# ssh john.doe@server1.example.com
The authenticity of host 'server1 (10.17.114.58)' can't be established
DSA key fingerprint is BB37 83F2 5E3A 7A4C 6C84  F047 D97B DD4E 38BB 2082
Are you sure you want to continue connecting (yes/no)?

 

When the objective is to append the public host keys from an SSH server to your known_hosts file, redirection can be used to perform this task, like this.

ssh-keyscan server1.example.com,10.17.114.58 >> $HOME/.ssh/known_hosts
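ssh-keyscan does not authenticate the server it talks to, so appending its output unchecked trusts whatever answered on the network. The following is an added example, not part of the original article: it keeps only the scanned lines whose SHA256 fingerprint matches one you obtained out of band (for instance by running ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub on the server console). The function names and the script name verify_scan.py are hypothetical.

```python
import base64
import hashlib
import struct
import sys

# Sample input: the two ssh-keyscan output lines shown in this article.
SAMPLE_SCAN = """\
server1.example.com,10.17.114.58 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHXIAfxTJu1y7QdQNrk6xh41FH1fqIVbG2Skvhx49PDfvm5pCdiyHqPP0pcyM7UGJOAPazKNENGZtqmnH8CUDo0=
server1.example.com,10.17.114.58 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMwKQuwRNdPMrcw6keHLMiVwPJWvy0XVqaybWxqQQ5ll
"""

def fingerprint(blob_b64):
    """Return (key type named inside the blob, SHA256 fingerprint in ssh-keygen -l form)."""
    blob = base64.b64decode(blob_b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])  # blob starts with a length-prefixed type name
    inner_type = blob[4:4 + n].decode("ascii")
    digest = hashlib.sha256(blob).digest()
    return inner_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def verified_lines(scan_output, trusted):
    """Split scan output into (accepted lines, rejected [(line, reason)])."""
    accepted, rejected = [], []
    for line in scan_output.splitlines():
        fields = line.split()
        if len(fields) != 3 or line.startswith("#"):
            continue  # blank line, comment or junk: never written out
        _hosts, key_type, blob_b64 = fields
        try:
            inner_type, fp = fingerprint(blob_b64)
        except (ValueError, struct.error):
            rejected.append((line, "unparseable key"))
            continue
        if inner_type != key_type:
            rejected.append((line, "type field does not match key blob"))
        elif fp not in trusted:
            rejected.append((line, fp + " not in trusted set"))
        else:
            accepted.append(line)
    return accepted, rejected

if __name__ == "__main__":
    # Hypothetical usage: ssh-keyscan HOST | python3 verify_scan.py SHA256:... >> known_hosts
    text = SAMPLE_SCAN if sys.stdin.isatty() else sys.stdin.read()
    ok, bad = verified_lines(text, set(sys.argv[1:]))
    for line, why in bad:
        print("REJECTED (%s): %s" % (why, line.split()[0]), file=sys.stderr)
    for line in ok:
        print(line)
```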

 



