X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/95a071252433b494ac173575edfbab823311c557..17c7855ac84fd32e868a275c778f81dc67b52b1e:/ssh-keyscan.1 diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 9efcf521..01f31846 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.18 2004/07/12 23:34:25 brad Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.28 2010/01/09 23:04:13 dtucker Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -6,7 +6,7 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd January 1, 1996 +.Dd $Mdocdate$ .Dt SSH-KEYSCAN 1 .Os .Sh NAME @@ -15,13 +15,13 @@ .Sh SYNOPSIS .Nm ssh-keyscan .Bk -words -.Op Fl v46 +.Op Fl 46Hv +.Op Fl f Ar file .Op Fl p Ar port .Op Fl T Ar timeout .Op Fl t Ar type -.Op Fl f Ar file .Op Ar host | addrlist namelist -.Op Ar ... +.Ar ... .Ek .Sh DESCRIPTION .Nm @@ -46,6 +46,33 @@ scanning process involve any encryption. .Pp The options are as follows: .Bl -tag -width Ds +.It Fl 4 +Forces +.Nm +to use IPv4 addresses only. +.It Fl 6 +Forces +.Nm +to use IPv6 addresses only. +.It Fl f Ar file +Read hosts or +.Pa addrlist namelist +pairs from this file, one per line. +If +.Pa - +is supplied instead of a filename, +.Nm +will read hosts or +.Pa addrlist namelist +pairs from the standard input. +.It Fl H +Hash all hostnames and addresses in the output. +Hashed names may be used normally by +.Nm ssh +and +.Nm sshd , +but they do not reveal identifying information should the file's contents +be disclosed. .It Fl p Ar port Port to connect to on the remote host. .It Fl T Ar timeout @@ -67,34 +94,15 @@ or for protocol version 2. Multiple values may be specified by separating them with commas. The default is -.Dq rsa1 . -.It Fl f Ar filename -Read hosts or -.Pa addrlist namelist -pairs from this file, one per line. -If -.Pa - -is supplied instead of a filename, -.Nm -will read hosts or -.Pa addrlist namelist -pairs from the standard input. +.Dq rsa . .It Fl v Verbose mode. Causes .Nm to print debugging messages about its progress. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. .El .Sh SECURITY -If a ssh_known_hosts file is constructed using +If an ssh_known_hosts file is constructed using .Nm without verifying the keys, users will be vulnerable to .Em man in the middle @@ -129,7 +137,7 @@ or .Pa /etc/ssh/ssh_known_hosts .Sh EXAMPLES Print the -.Pa rsa1 +.Pa rsa host key for machine .Pa hostname : .Bd -literal @@ -148,6 +156,7 @@ $ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e .Xr ssh 1 , .Xr sshd 8 .Sh AUTHORS +.An -nosplit .An David Mazieres Aq dm@lcs.mit.edu wrote the initial version, and .An Wayne Davison Aq wayned@users.sourceforge.net