Issue
Using OpenSSH 8 I ran a ssh-keyscan for one of my systems.
It returns keys for ssh-rsa, ecdsa-sha2-nistp256 and ssh-ed25519.
I would like to use Paramiko in Python to get the same results back. I'm just starting to dive into Paramiko, I'm new to it. Maybe it can't be done this way or there is a better way to do this?
import paramiko
host = "x.x.x.x" #<=IP address of system
transport = paramiko.Transport(host)
transport.connect()
key = transport.get_remote_server_key()
print(key.get_name())
print(key.get_bits())
print(key.get_base64())
transport.close()
I'm only getting back ssh-ed25519 key.
I don't see any methods for iterating through a list returned (possibly I'm overlooking).
Anyone know how to get the ecdsa-sha2-nistp256 key back from a call like this?
Solution
The Transport.get_remote_server_key returns the key that Paramiko and your server has agreed upon. There's no list available. The server provides only the specific key that they agreed on. Not all keys the server has.
If you want another key algo, you have to tell Paramiko to ask the server for it.
Before connection, do something like this:
transport.get_security_options().key_types = ["ecdsa-sha2-nistp256"]
And repeat the connection for each algo you want. This is what ssh-keyscan does.
These are the key algo types:
ssh-ed25519ecdsa-sha2-nistp256ecdsa-sha2-nistp384ecdsa-sha2-nistp521ssh-rsassh-dss
Answered By - Martin Prikryl