Scan for SSH servers using nmap (Linux)

From ben.goodacre.name/tech

Jump to: navigation, search

Scan for SSH servers in a subnet whilst outputting the version string in a format that is easily greppable or parsed into a script of some kind:

nmap -p22 --open -PN -sV -oG ssh_hosts 10.1.100.0/24

Or another way, this presents a list if IPs that have SSH up:

nmap -p 22 10.44.46.0/27|awk '/scan report for/ {print $0}'|grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox