jerryleem412

Reputation: 13

Retrieve all host keys using Paramiko (like ssh-keyscan)

Using OpenSSH 8, I ran an ssh-keyscan against one of my systems. It returns keys for ssh-rsa, ecdsa-sha2-nistp256 and ssh-ed25519.

I would like to use Paramiko in Python to get the same results back. I'm just starting to dive into Paramiko; I'm new to it. Maybe it can't be done this way or there is a better way to do this?

```python
import paramiko

host = "x.x.x.x"  # IP address of the system

transport = paramiko.Transport(host)
transport.connect()

key = transport.get_remote_server_key()

print(key.get_name())
print(key.get_bits())
print(key.get_base64())

transport.close()
```

I'm only getting back the ssh-ed25519 key.

I don't see any methods for iterating through a returned list (possibly I'm overlooking something).

Anyone know how to get the ecdsa-sha2-nistp256 key back from a call like this?

Upvotes: 1

Views: 2262

Answers (1)

Martin Prikryl

Reputation: 202504

`Transport.get_remote_server_key` returns the key that Paramiko and your server have agreed upon. There's no list available. The server provides only the specific key that they agreed on, not all the keys the server has.

If you want another key algo, you have to tell Paramiko to ask the server for it.

Before connection, do something like this:

```python
transport.get_security_options().key_types = ["ecdsa-sha2-nistp256"]
```

And repeat the connection for each algo you want. This is what ssh-keyscan does.

These are the key algo types:

  • ssh-ed25519
  • ecdsa-sha2-nistp256
  • ecdsa-sha2-nistp384
  • ecdsa-sha2-nistp521
  • ssh-rsa
  • ssh-dss

Upvotes: 3
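The approach from the answer above, written out as a full loop. This is an added example, not code from the original post or from the Paramiko project; the helper names (`scan_host_keys`, `known_hosts_line`, `sha256_fingerprint`) and the five-second timeout are assumptions made for illustration.

```python
import base64
import hashlib
import socket

# Key types listed in the answer; each one needs its own connection.
KEY_TYPES = ("ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
             "ecdsa-sha2-nistp521", "ssh-rsa", "ssh-dss")


def sha256_fingerprint(key_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def known_hosts_line(host, port, key_name, key_b64):
    """Format one key the way ssh-keyscan prints it ([host]:port if not 22)."""
    label = host if port == 22 else "[%s]:%d" % (host, port)
    return "%s %s %s" % (label, key_name, key_b64)


def scan_host_keys(host, port=22, key_types=KEY_TYPES, timeout=5.0):
    """Connect once per key type and collect whichever host keys are offered."""
    import paramiko  # imported here so the helpers above work without Paramiko

    found = {}
    for key_type in key_types:
        transport = None
        try:
            sock = socket.create_connection((host, port), timeout=timeout)
            transport = paramiko.Transport(sock)
            # Offer only this algorithm so the server must answer with it.
            transport.get_security_options().key_types = [key_type]
            transport.start_client(timeout=timeout)  # key exchange only, no auth
            key = transport.get_remote_server_key()
            found[key.get_name()] = key.get_base64()
        except (ValueError, paramiko.SSHException, OSError):
            # ValueError: this Paramiko version does not know the key type.
            # SSHException / OSError: server has no such key, or connect failed.
            continue
        finally:
            if transport is not None:
                transport.close()
    return found


if __name__ == "__main__":
    import sys
    target = sys.argv[1]  # host to scan, given on the command line
    for name, b64 in scan_host_keys(target).items():
        print(known_hosts_line(target, 22, name, b64), "#", sha256_fingerprint(b64))
```

Keys collected this way are unauthenticated, exactly as with ssh-keyscan, so compare the printed fingerprints with values obtained out of band before adding them to known_hosts.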
