How to acquire a remote host fingerprint that is not in known_hosts?

ssh-keygen -l -F host will print out the key of a remote host, but only if the host exists in known_hosts.Is it possible to request a fingerprint from a host that isn't in the known_hosts file? (without manual intervention such as connecting through ssh)


Solution 1:

You can accomplish this with ssh-keyscan, e.g.:

$ ssh-keyscan 192.168.25.16
# 192.168.25.16 SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze3
192.168.25.16 ssh-rsa AAAAB3Nz[...]ThruGvpQ==

Optionally pass the -H option to get hashed names as you're seeing in a known_hosts file.

See also U&L: How to get the public key from sshd server without touching the known_hosts file?