I am often on one computer in my house and I would like to SSH to another one, but often don't know the IP address of the one I want to connect to. Is there a way, from the command line, to scan the local network so I can find the computer I want to connect to?
Asked
Active
Viewed 1.9e+01k times
6 Answers
72
Use "nmap" - this will tell you which hosts are up on a network, and indeed which have port 22 open. You could combine it with a few other tools (like grep) to produce more targeted output if need be.
Note: do this only on YOUR network. Running up nmap or its equivalents on someone else's network is considered bad form.
sudo nmap -p 22 192.168.0.0/24
dmourati
- 26,498
Tom Newton
- 4,251
4
You can manually telnet each ip at port 22.
If successful you should see the OpenSSH version string.
The process of checking each ip in the subnet can be done by means of the 'for' directive.
Hector
- 41
3
I would advise against checking port 22 only. Not all SSH servers use port 22 by default. For instance, OpenSSH in Termux on my Android phone uses port 8022.
Instead, use nmap's powerful version detection feature, and check all ports:
% nmap -sV 192.168.68.0/24 | grep -wE '(scan report|ssh)'
Nmap scan report for 192.168.68.1
22/tcp open ssh Dropbear sshd (protocol 2.0)
Nmap scan report for 192.168.68.100
22/tcp open ssh Dropbear sshd 2015.67 (protocol 2.0)
Nmap scan report for 192.168.68.101
Nmap scan report for 192.168.68.103
Nmap scan report for 192.168.68.105
8022/tcp open ssh OpenSSH 9.1 (protocol 2.0)
Also, it's a common tactic among sysadmins to change services like SSH to a weird high port in an attempt to hide it. Although that doesn't really apply in your situation, since you probably administer your own LAN machines.
Matt Alexander
- 260
1
If you just want the hostnames/ips and don't want the other info:
sudo nmap -sS -p 22 192.168.1.0/24 | grep report
ericcurtin
- 111