contents
2022/01/31get_ssh_key
2010/04/21
tags: ssh
| github home | http://github.com/mcarpenter/get_ssh_key |
|---|---|
| repository URLs |
https://github.com/mcarpenter/get_ssh_key.git git://github.com/mcarpenter/get_ssh_key.git |
This utility enables you to retrieve the public component of the SSH key(s) in use on one or more remote servers. It does not require shell or administrative access to the servers in question since it returns only the public component. If you need the private component you will need to do something... else ;-)
This may be useful if you wish to maintain an offline database of keys,
to validate server SSH keys in use within your organization against a
list of known bad keys, or to
check that keys are of an appropriate length (ssh-keygen(1)
defaults to RSA keys of length 2048 bits in current versions of OpenSSH and 1024 bits under Solaris 10 but
you just might have some old 512 or 768 bit keys out there).
The script is available in Ruby or Python versions: they are functionally equivalent.
usage
get_ssh_key.py [ -t { rsa | dsa } ] host [...]get_ssh_key.rb [ -t { rsa | dsa } ] host [...]If the -t flag is not specified then first an RSA key is sought, then a DSA key. This concurs with most client SSH implementations.
prerequisites
Python:
Ruby:
- Rubygems, Ruby library manager
- Net::SSH v2, Ruby SSH2 library
output
Ouput is in standard OpenSSH-style public key format (base-64 ASCII encoded):
key_type key comment
If more than one host key is requested then each key (line) is prefixed
by host:.
key_typeis typicallyssh-rsaorssh-dss.keyis the base-64 encoded key.commentis of the formhost#key_length_in_bits
examples
$ get_ssh_key.py 127.0.0.1
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs1HwTg23faFRa+135x8fs... 127.0.0.1#1024
$ get_ssh_key.rb 127.0.0.1 rootshell.be
127.0.0.1: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAu0b05tcPHoT23fs... 127.0.0.1#1024
rootshell.be: ssh-rsa AAAAB3NzaC1yc2EAAAAB5we+6n84VeCJUMs... rootshell.be#2048