8

When getting a message like the following, how can I view the key of the server?

```
$ ssh example.com
Warning: the ECDSA host key for 'example' differs from the key for the IP address '10.0.0.2'
Offending key for IP in /Users/louis/.ssh/known_hosts:1
```

When doing `ssh -v example.com` I can see `debug1: Server host key: ecdsa-sha2-nistp256 SHA256:...`, but this is not the same as the `ssh-rsa` key eventually stored in `known_hosts` after correcting the problem.

Louis Waweru

2 Answers

7

One pretty easy way is to use `ssh-keyscan`. This command will request keys from the remote server. For example, if I wanted the rsa, ecdsa, and ed25519 host keys from demo.example.org, I might use this command.

```
$ ssh-keyscan -t rsa,ecdsa,ed25519 demo.example.org

# demo.example.org:22 SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
demo.example.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP6LHP2MDkPBtfBF546K9ZlPtJYVF3MMMn0ZMWEY6fkiAR+CPTfPo2l31qHMEJ0g1TT4MM0WBp8/okeBLlkgkhQ=
# demo.example.org:22 SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
demo.example.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAuVatNRkjLPQOqXF9sVJOgfzKcfVJUlaFv6vfw1sBcxujRnLy0GInn0HxraXxm60dZWlkIyjhzp7CFWK9PNJ/q2NrhPa1NcWLQ4zbandj4whXYXNdysY0LSQzefrXUiEHCIk1lmBuNx59tzAS0I5S6IYH6S72g+g16HNcaJ8SEJnmFpVu5nKzhNVZls47tM+MCVjMZ92xgWkziFgnDqarfxRgL8ZKgnwQ5jPaltNf73qamAuGsMnvR8VfNpeT3QFH2MzYO/um1HYMhiUMKJfL6S4hG0rIFbF4riXnav7XPWpBVRNtLdT2w2z996wxhrvBxNLQAKK2d6jUOHWC+7x7
# demo.example.org:22 SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
demo.example.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINEGDaHtAIq+r98FqHL6ERuZ8ZcGyNyu3iW0XOskqQbh
```

If you wanted the hashed versions and wanted to append them to your `known_hosts`, you could use a command like this.

```
# -H hashes the host names; ~/ makes the append work from any directory
ssh-keyscan -t rsa,ecdsa,ed25519 -H demo.example.org 2>/dev/null >> ~/.ssh/known_hosts
```

Zoredache
  • Thanks, this helps with troubleshooting users who get the message. Now I can see what they are receiving from the server! – Louis Waweru Oct 05 '18 at 00:29

3

Host keys are generally found under /etc/ssh/ on the server you are trying to connect to. The server host key string printed in the verbose output is simply the fingerprint of the server's public key, not the actual key itself.

guzzijason
  • Yes, that's the problem. I didn't know what to do with the fingerprint when trying to verify it with what I had in `known_hosts` – Louis Waweru Oct 05 '18 at 00:23
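
The `SHA256:...` string that `ssh -v` prints is the unpadded base64 of the SHA-256 digest of the decoded public key blob, so a `known_hosts` or `ssh-keyscan` line can be converted to the same form and compared. The Python below is an added example, not part of either answer; the function names are assumptions of this example, and the sample line is the ssh-ed25519 line from the `ssh-keyscan` output quoted above.

```python
import base64
import hashlib
import struct

# The ssh-ed25519 line from the ssh-keyscan output quoted in the answer above.
SAMPLE_LINE = ("demo.example.org ssh-ed25519 "
               "AAAAC3NzaC1lZDI1NTE5AAAAINEGDaHtAIq+r98FqHL6ERuZ8ZcGyNyu3iW0XOskqQbh")


def parse_key_line(line):
    """Split a known_hosts / ssh-keyscan line into (hosts, key_type, blob)."""
    fields = line.split()
    if fields and fields[0].startswith("@"):   # @cert-authority / @revoked marker
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("expected: hosts key-type base64-key")
    hosts, key_type, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)
    # The blob begins with a 4-byte big-endian length and the algorithm name;
    # it must agree with the key type written in the line.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")
    return hosts, key_type, blob


def sha256_fingerprint(blob):
    """Fingerprint in the SHA256:... form that `ssh -v` prints."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def fingerprints(text):
    """Return (hosts, key_type, fingerprint) for every key line in text."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):    # ssh-keyscan banner / comments
            continue
        hosts, key_type, blob = parse_key_line(line)
        rows.append((hosts, key_type, sha256_fingerprint(blob)))
    return rows


def matches(line, fingerprint_from_ssh_v):
    """True if the key on this line has the fingerprint the client reported."""
    _, _, blob = parse_key_line(line)
    return sha256_fingerprint(blob) == fingerprint_from_ssh_v.strip()
```

A fingerprint only matches a line of the same key type, so the `ecdsa-sha2-nistp256` fingerprint from `ssh -v` has to be compared against the ecdsa line, not the `ssh-rsa` one.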