Linux Survival Basics
Read-only, sensitive outputScan a Host SSH Key
You need the current presented host key for comparison.
Command
ssh-keyscan -t ed25519 hostname
Before you run this
System impact: Read-only. Output may expose users, paths, tokens, keys, IPs, process arguments, or log details.
When not to use it: Do not trust keyscan output by itself during a possible MITM warning.
Expected output
An SSH public host key line for the requested hostname if reachable.
System impact
Read-only, sensitive output. Nothing changes. The command reads current state and prints diagnostic evidence.
Recovery / rollback: no state is changed.
When to use it
Use only for comparison with trusted fingerprint records.
When not to use it
Do not trust keyscan output by itself during a possible MITM warning.
Example run
Commands shown
These are the commands shown for inspection. Treat them as an example, not proof that your system will behave identically.
ssh-keyscan -t ed25519 hostnamessh-keyscan -t ed25519 hostname
next steps
Related commands
Find known_hosts Lines by Name
See the stored entry before editing.
grep -n 'hostname' ~/.ssh/known_hosts
Find a Host in known_hosts
Do not edit known_hosts blind.
ssh-keygen -F hostname
Read Load Average Before You React
A high load number is a clue, not a diagnosis.
uptime
Run SSH Verbose Auth Test
Verbose SSH shows which key was offered.
ssh -vvv -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519 user@example.com
Test SSH with One Identity File
Force one key when the agent offers too many identities.
ssh -o IdentitiesOnly=yes -i ~/.ssh/id_ed25519 user@example.com
next diagnostic step
Where to go from this command
- SSH known_hosts changed hub Use for out-of-band fingerprint comparison.
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.