ssh-keyscan [-v46] [-p port]  [-T  timeout]  [-t  type]  [-f
file]
                 [host | addrlist namelist] [...]

DESCRIPTION
     ssh-keyscan  is  a utility for gathering the public ssh host
keys of a numM--
     ber of hosts.  It was designed to aid in building and  veri-
fying
     ssh_known_hosts  files.   ssh-keyscan provides a minimal in-
terface suitable
     for use by shell and perl scripts.

     ssh-keyscan uses non-blocking socket I/O to contact as  many
hosts as posM--
     sible in parallel, so it is very efficient.  The keys from a
domain of
     1,000 hosts can be collected in tens of seconds,  even  when
some of those
     hosts  are  down  or do not run ssh.  For scanning, one does
not need login
     access to the machines that are being scanned, nor does  the
scanning proM--
     cess involve any encryption.

     The options are as follows:

     -p port
             Port to connect to on the remote host.

     -T timeout
             Set the timeout for connection attempts.  If timeout
seconds have
             elapsed since a connection was initiated to  a  host
or since the
             last time anything was read from that host, then the
connection
             is closed and the host in  question  considered  un-
available.
             Default is 5 seconds.

     -t type
             Specifies  the  type  of  the  key to fetch from the
scanned hosts.
             The possible values are ``rsa1'' for  protocol  ver-
sion 1 and
             ``rsa'' or ``dsa'' for protocol version 2.  Multiple
values may
             be specified by separating them  with  commas.   The
default is
             ``rsa1''.

     -6      Forces ssh-keyscan to use IPv6 addresses only.

SECURITY
     If  a  ssh_known_hosts file is constructed using ssh-keyscan
without veriM--
     fying the keys, users will be vulnerable to attacks.  On the
other hand,
     if  the  security  model allows such a risk, ssh-keyscan can
help in the
     detection of tampered keyfiles or man in the middle  attacks
which have
     begun after the ssh_known_hosts file was created.

EXAMPLES
     Print the rsa1 host key for machine hostname:

     ssh-keyscan hostname

     Find  all  hosts  from  the file ssh_hosts which have new or
different keys
     from those in the sorted file ssh_known_hosts:

     ssh-keyscan -t rsa,dsa -f ssh_hosts |              sort -u -
ssh_known_hosts | diff ssh_known_hosts -

FILES
     Input format:

     1.2.3.4,1.2.4.4                 name.my.domain,name,n.my.do-
main,n,1.2.3.4,1.2.4.4

     Output format for rsa1 keys:

     host-or-namelist bits exponent modulus

     Output format for rsa and dsa keys:

     host-or-namelist keytype base64-encoded-key

     Where keytype is either ``ssh-rsa'' or ``ssh-dsa''.

     /etc/ssh_known_hosts

BUGS
     It generates "Connection closed by remote host" messages  on
the consoles
     of  all  the  machines  it scans if the server is older than
version 2.9.
     This is because it opens a connection to the ssh port, reads
the public
     key, and drops the connection as soon as it gets the key.