Same host or different? How can you tell "over the wire"?
Kurt Buff
kurt.buff at gmail.com
Thu Mar 22 02:06:13 UTC 2018
On Wed, Mar 21, 2018 at 4:47 PM, Ronald F. Guilmette
<rfg at tristatelogic.com> wrote:
>
> "Kurt Buff" <kurt.buff at gmail.com > wrote:
> In case it was not clear, none of the IPv4 addresses that are of interest,
> or that are relevant to my question, are ones for which *I* posses any type
> of SSH login credentials.
>
> But your question certainly raises an interesting possibility, and an
> interesting question... one that I myself am not at all equiped or
> qualified to answer (because I am almost totally ignorant about even
> the bare mechanics of the SSH protocol): How could one tickle an open
> SSH port and obtain from it not just its greeting banner (which may be,
> and often is, rather generic and non-specific) but also so as to get
> the host's host-specific public key?
>
> (Yes, I am indeed displaying an unforgivable level of laziness here.
> I can and most probably should, and most probably eventually -will-
> just go off now and read the relevant RFCs, but if anyone wants to save
> me the trouble, just for this one question, that would be appreciated.)
Well, I'm not expert myself, but when I use putty from my Windows
machine to talk with an ssh server that it's not seen before, I get a
popup talking about the host ssh key which is new to putty., and that
happens any time, e.g., the IP address of the machine changes.
This query:
https://www.google.com/search?q=scan+host+collect+ssh+key&ie=utf-8&oe=utf-8
reveals this tool:
http://rc.quest.com/man.php?id=ssh-keyscan%281%29
which might be useful to you, and I do indeed see the man page for it on my box.
Kurt
More information about the freebsd-net
mailing list