I am using ssh-keyscan to obtain public keys for a couple of SSH servers. One of my appliances only supports DSA / ssh-dss. ssh-keyscan with the "-t dsa" option is not able to get the public key while the Nmap script ssh-hostkey in fact is able to obtain it.
ssh-keyscan:
weberjoh@nb15-lx:~$ ssh-keyscan -t dsa ssg-mgmt
# ssg-mgmt:22 SSH-2.0-NetScreen
Nmap:
weberjoh@nb15-lx:~$ nmap --script ssh-hostkey ssg-mgmt
Starting Nmap 7.01 ( https://nmap.org ) at 2017-10-11 16:00 CEST
Nmap scan report for ssg-mgmt (192.168.120.3)
Host is up (0.0026s latency).
rDNS record for 192.168.120.3: ssg-mgmt.webernetz.net
Not shown: 998 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
| ssh-hostkey:
|_  1024 e7:5b:c9:a9:60:60:66:37:d6:90:bd:70:8f:76:e5:41 (DSA)
443/tcp open  https
Nmap done: 1 IP address (1 host up) scanned in 7.28 seconds
How can I use ssh-keyscan to show the DSA public key?
Best Answer
This might be due to new versions of OpenSSH not supporting DSA by default. On your client machine, try adding the following in your ~/.ssh/config:

Also keep in mind that DSA keys might be less secure, so you should consider replacing them on your servers if possible.
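A small audit helper for the lines ssh-keyscan prints (the same "host keytype base64" format known_hosts uses), added here as an example and not taken from the question or the answer. It extracts the key type, flags ssh-dss entries (the ones the answer suggests replacing), and computes the MD5 fingerprint in the colon-separated form that nmap's ssh-hostkey script showed above, so a key obtained with one tool can be checked against the other. It assumes POSIX sh with awk, base64 and md5sum available; the two sample lines are constructed, not real keys.

```shell
#!/bin/sh
# Added example (not part of the original question or answer): audit host-key
# lines in the format ssh-keyscan writes (and known_hosts uses), so DSA/ssh-dss
# entries can be found and the MD5 fingerprint compared with what nmap prints.
# Assumes POSIX sh plus awk, base64 and md5sum (GNU coreutils or BusyBox).

# Key type is the second field of a "host keytype base64 [comment]" line.
hostkey_type() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# MD5 fingerprint of the base64 key blob (field 3), formatted as colon-separated
# hex pairs, the form nmap's ssh-hostkey script printed for the 1024-bit DSA key.
hostkey_md5() {
    printf '%s\n' "$1" | awk '{print $3}' | base64 -d | md5sum \
        | awk '{print $1}' | sed 's/../&:/g; s/:$//'
}

# Exit status 0 when the line carries an ssh-dss key, 1 otherwise.
hostkey_is_dss() {
    [ "$(hostkey_type "$1")" = "ssh-dss" ]
}

# Read host-key lines on stdin and print how many use ssh-dss (the entries
# worth replacing, as the answer above suggests).
count_dss_hosts() {
    awk '$2 == "ssh-dss" { n++ } END { print n + 0 }'
}

# Constructed sample lines, not real keys: each blob is the SSH wire-format
# type string (uint32 length + name) followed by four zero bytes, so it decodes
# cleanly and carries the usual "AAAAB3NzaC1..." prefix that real keys start with.
SAMPLE_DSS="ssg-mgmt ssh-dss AAAAB3NzaC1kc3MAAAAA"
SAMPLE_RSA="fileserver ssh-rsa AAAAB3NzaC1yc2EAAAAA"

# Demonstration: list host, type and fingerprint for each sample line.
for line in "$SAMPLE_DSS" "$SAMPLE_RSA"; do
    printf '%-12s %-8s %s\n' "$(printf '%s\n' "$line" | awk '{print $1}')" \
        "$(hostkey_type "$line")" "$(hostkey_md5 "$line")"
done
printf 'ssh-dss entries: %s\n' \
    "$(printf '%s\n%s\n' "$SAMPLE_DSS" "$SAMPLE_RSA" | count_dss_hosts)"
```

To run it against a real scan, pipe ssh-keyscan output (or a known_hosts file) into `count_dss_hosts`, or pass a single line to `hostkey_md5` and compare the result with the fingerprint nmap reports.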