Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 21 Mar 2018 19:37:08 -0700
From:      Kevin Day <kevin@your.org>
To:        "Ronald F. Guilmette" <rfg@tristatelogic.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Same host or different? How can you tell "over the wire"?
Message-ID:  <4DB72389-D167-4152-A15F-4710C54B2E1A@your.org>
In-Reply-To: <5755.1521676047@segfault.tristatelogic.com>
References:  <5755.1521676047@segfault.tristatelogic.com>

next in thread | previous in thread | raw e-mail | index | archive | help


> On Mar 21, 2018, at 4:47 PM, Ronald F. Guilmette =
<rfg@tristatelogic.com> wrote:
>=20
> But your question certainly raises an interesting possibility, and an
> interesting question... one that I myself am not at all equiped or
> qualified to answer (because I am almost totally ignorant about even
> the bare mechanics of the SSH protocol):  How could one tickle an open
> SSH port and obtain from it not just its greeting banner (which may =
be,
> and often is, rather generic and non-specific) but also so as to get
> the host's host-specific public key?


Does the ssh-keyscan tool do what you want?

# ssh-keyscan github.com
# github.com:22 SSH-2.0-libssh_0.7.0
github.com ssh-rsa =
AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7=
PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQq=
ZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG=
6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3J=
EAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=
=3D=3D

Unless you've copied the host ssh keys manually, this will be unique to =
the system.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DB72389-D167-4152-A15F-4710C54B2E1A>