martin carpenter


most popular
2012/05/05, updated 2012/12/15
ubuntu unity lens for vim



tags: ssh

github home
repository URLs

This utility enables you to retrieve the public component of the SSH key(s) in use on one or more remote servers. It does not require shell or administrative access to the servers in question since it returns only the public component. If you need the private component you will need to do something... else ;-)

This may be useful if you wish to maintain an offline database of keys, to validate server SSH keys in use within your organization against a list of known bad keys, or to check that keys are of an appropriate length (ssh-keygen(1) defaults to RSA keys of length 2048 bits in current versions of OpenSSH and 1024 bits under Solaris 10 but you just might have some old 512 or 768 bit keys out there).

The script is available in Ruby or Python versions: they are functionally equivalent.

usage [ -t { rsa | dsa } ] host [...]
get_ssh_key.rb [ -t { rsa | dsa } ] host [...]

If the -t flag is not specified then first an RSA key is sought, then a DSA key. This concurs with most client SSH implementations.





Ouput is in standard OpenSSH-style public key format (base-64 ASCII encoded):

key_type key comment

If more than one host key is requested then each key (line) is prefixed by host:.


ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs1HwTg23faFRa+135x8fs...

$ get_ssh_key.rb ssh-rsa AAAAB3NzaC1yc2EAAAABIwAu0b05tcPHoT23fs... ssh-rsa AAAAB3NzaC1yc2EAAAAB5we+6n84VeCJUMs...