Date: Wed, 21 Mar 2018 19:37:08 -0700 From: Kevin Day <kevin@your.org> To: "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: freebsd-net@freebsd.org Subject: Re: Same host or different? How can you tell "over the wire"? Message-ID: <4DB72389-D167-4152-A15F-4710C54B2E1A@your.org> In-Reply-To: <5755.1521676047@segfault.tristatelogic.com> References: <5755.1521676047@segfault.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Mar 21, 2018, at 4:47 PM, Ronald F. Guilmette = <rfg@tristatelogic.com> wrote: >=20 > But your question certainly raises an interesting possibility, and an > interesting question... one that I myself am not at all equiped or > qualified to answer (because I am almost totally ignorant about even > the bare mechanics of the SSH protocol): How could one tickle an open > SSH port and obtain from it not just its greeting banner (which may = be, > and often is, rather generic and non-specific) but also so as to get > the host's host-specific public key? Does the ssh-keyscan tool do what you want? # ssh-keyscan github.com # github.com:22 SSH-2.0-libssh_0.7.0 github.com ssh-rsa = AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7= PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQq= ZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG= 6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3J= EAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ= =3D=3D Unless you've copied the host ssh keys manually, this will be unique to = the system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DB72389-D167-4152-A15F-4710C54B2E1A>