My laptop is sitting a few meters away from me. I'm behind a desktop in the same /24. I'd like to SSH to this laptop, but don't know its IP address. On this network there are quite a few machines, mostly macs. How do I find the IP address?
Arp and nc to the rescue! First we arp-scan the network, then we find SSH versions.
$for h in $(arp-scan --localnet | grep 10.15 | cut -f1); do echo -ne "$h\t"; (echo "" | nc -w1 $h 22 || echo)|head -n1; done | grep ubuntu
10.15.3.28 SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
10.15.3.73 SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1
10.15.3.158 SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
10.15.3.185 SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1
Of course it was the last one I needed :)