Is it possible to find out the hosts in the known_hosts file?

  • I would like to see what hosts are in my known_hosts file but it doesn't appear to be human readable. Is it possible to read it?

    More specifically, there is a host that I can connect to via several names and I want to find out what fingerprint I expect for it from my known_hosts file.

    Update: I'm using OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009

    A line from my known_hosts file looks something like this:

    |1|guO7PbLLb5FWIpxNZHF03ESTTKg=|r002DA8L2JUYRVykUh7jcVUHeYE= ssh-rsa AAAAB3NzaC1yc2EAAFADAQABAAABAQDWp73ulfigmbbzif051okmDMh5yZt/DlZnsx3DEOYHu3Nu/+THJnUAfkfEc1XkOFiFgbUyK/08Ty0K6ExUaffb1ERfXXyyp63rpCTHOPonSrnK7adl7YoPDd4BcIUZd1Dk7HtuShMmuk4l83X623cr9exbfm+DRaeyFNMFSEkMzztBYIkhpA2DWlDkd90OfVAvyoOrJPxztmIZR82qu/5t2z58sJ6Jm2xdp2ckySgXulq6S4k+hnnGuz2p1klviYCWGJMZfyAB+V+MTjGGD/cj0SkL5v/sa/Fie1zcv1SLs466x3H0kMllz6gAk0/FMi7eULspwnIp65g45qUAL3Oj
    
  • pdo (correct answer, 9 years ago)

    You've got HashKnownHosts set to "yes" in your ssh_config file, so the hostnames aren't available in plaintext.

    If you know the hostname you're looking for ahead of time, you can search for it with:

    ssh-keygen -H -F hostname
    # Or, if SSH runs on a port other than 22
    ssh-keygen -H -F '[hostname]:2222'
    

    Here's the relevant section from the ssh-keygen(1) man page:

     -F hostname
             Search for the specified hostname in a known_hosts file, listing
             any occurrences found.  This option is useful to find hashed host
             names or addresses and may also be used in conjunction with the
             -H option to print found keys in a hashed format.
    

    Does HashKnownHosts essentially mean it's not possible, i.e. I need to know the name of the host in order to look at its info?

    @ColinNewell That's right, you need to know the hostname(s). It's a security measure to keep an attacker from harvesting hostnames/IP addresses of other boxes you frequent if your machine is compromised.

    Don't be scared when there is no output at all; try the hostname rather than the fully qualified hostname.

    Not sshd_config, but ssh_config.

    @pdo - your command does not always work. If the host has SSH on a port other than `22`, then the format in `known_hosts` is different. Then you have to use the following command: `ssh-keygen -H -F [host.example.com]:2222`

    I wanted to find the rsa key for a specific host, so I ran this: `ssh-keygen -l -f ~/.ssh/known_hosts -F `

    I'm considering using this in a script, so I was testing return values. When it successfully finds a match, it returns one, and when it fails it returns 1. Any idea what it's supposed to be returning? The manpage doesn't state anything under the -F or -H flags, nor is there a section about what it returns.

    @Ungeheuer That is strange. I see the same behaviour. You could do `test $(ssh-keygen -H -F ssh.vps4.mikkel.ca | wc -l) -gt 0`, which will exit 0 on a match, 1 on no match.
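The answer and the comments above hinge on how HashKnownHosts lines are built: the host field `|1|salt|hash` is a base64 salt followed by the base64 HMAC-SHA1 of the hostname keyed with that salt, so a name can be checked against an entry but never read back out of it. The following Python is an added example (not code from the original post or from OpenSSH) that performs the same check `ssh-keygen -F` does over an in-memory known_hosts file and prints the SHA256 and MD5 fingerprints of the matching key, which is what the asker wanted for a host reachable under several names. The sample file, its salts and its key blobs are all constructed inline; the `[host]:port` form for non-default ports and the plain comma-separated form are both handled. Pass `[host.example.com]:2222` style names exactly as OpenSSH writes them.

```python
"""Look up a hostname in a HashKnownHosts-style known_hosts file and report the
stored key's fingerprints (added example; not from the original post)."""
import base64
import hashlib
import hmac

HASH_MAGIC = "|1|"  # prefix OpenSSH writes in front of hashed host fields


def hash_hostname(hostname: str, salt: bytes) -> str:
    """Return the '|1|salt|digest' field OpenSSH writes for hostname.

    OpenSSH computes HMAC-SHA1(key=salt, msg=hostname) and base64-encodes
    both the salt and the digest. The same hostname gets a fresh random salt
    on every line, so two lines for one host never look alike.
    """
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(digest).decode()


def host_matches(field: str, hostname: str) -> bool:
    """True if a known_hosts host field (hashed or plain) names hostname."""
    if field.startswith(HASH_MAGIC):
        try:
            _, _, salt_b64, digest_b64 = field.split("|", 3)
            salt = base64.b64decode(salt_b64)
            expected = base64.b64decode(digest_b64)
        except ValueError:  # malformed entry: treat as non-matching
            return False
        actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(actual, expected)
    # Unhashed entries may list several names/addresses separated by commas.
    return hostname in field.split(",")


def fingerprints(key_b64: str) -> dict:
    """Fingerprints of a base64 public-key blob in ssh-keygen -l style."""
    blob = base64.b64decode(key_b64)
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    return {
        "sha256": "SHA256:" + sha256,
        "md5": "MD5:" + ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
    }


def find_host(known_hosts_text: str, hostname: str) -> list:
    """Return [(line_no, key_type, fingerprints)] for each line naming hostname.

    This is the check ssh-keygen -F performs: every hashed line is rehashed
    with its own salt and compared; nothing is ever 'decrypted'.
    """
    hits = []
    for line_no, raw in enumerate(known_hosts_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("@"):  # @cert-authority / @revoked marker precedes the host field
            line = line.split(None, 1)[1]
        parts = line.split()
        if len(parts) < 3:
            continue
        host_field, key_type, key_b64 = parts[0], parts[1], parts[2]
        if host_matches(host_field, hostname):
            hits.append((line_no, key_type, fingerprints(key_b64)))
    return hits


def build_sample_known_hosts() -> str:
    """Constructed sample file: two hashed lines for one host (port 22 and
    port 2222, different salts, same key) plus one unhashed line for another
    host. The ed25519 blobs are made-up bytes, not real keys."""
    same_key = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(32))).decode()
    other_key = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(32, 64))).decode()
    return "\n".join([
        "# constructed sample known_hosts",
        hash_hostname("example.test", bytes(range(20))) + " ssh-ed25519 " + same_key,
        hash_hostname("[example.test]:2222", bytes(range(20, 40))) + " ssh-ed25519 " + same_key,
        "other.test,192.0.2.10 ssh-ed25519 " + other_key,
    ]) + "\n"


if __name__ == "__main__":
    sample = build_sample_known_hosts()
    for name in ("example.test", "[example.test]:2222", "192.0.2.10", "missing.test"):
        hits = find_host(sample, name)
        if not hits:
            print(f"{name}: no entry")
        for line_no, key_type, fps in hits:
            print(f"{name}: line {line_no} {key_type} {fps['sha256']} {fps['md5']}")
```

Running it shows that the two hashed lines for `example.test` (with and without the port suffix) resolve to identical fingerprints even though their host fields share no visible bytes, which is the comparison the asker wanted to make across a host's several names. The `find_host` return value also answers the exit-status question in the thread: an empty list means no match, so a script can branch on `len(find_host(...))` instead of on a process exit code.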

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM