Comment 3 for bug 656646

I've had som emore experience with this, and it is definitely true that running
ssh-keyscan host1 host2 host3 host4 ....

can end up giving output only for a small number of hosts because a single host fails.
During one case where this was failing, i did (manually)

$ ssh-keyscan -t rsa,dsa ec2-67-202-18-160.compute-1.amazonaws.com ec2-184-72-94-230.compute-1.amazonaws.com ec2-75-101-179-107.compute-1.amazonaws.com ...
# ec2-67-202-18-160.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
ec2-67-202-18-160.compute-1.amazonaws.com ssh-dss AAAAB3N...
# ec2-67-202-18-160.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
ec2-67-202-18-160.compute-1.amazonaws.com ssh-rsa AAAAB3NzaC1y...
# ec2-184-72-94-230.compute-1.amazonaws.com SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu1
Connection closed by 184.72.94.230

There were several other hosts to scan (13), but the failure of 'Connection closed' on the third host ends up failing.

I had assumed from the man page of ssh-keyscan:
  "ssh-keyscan uses non-blocking socket I/O to contact as many hosts as
   possible in parallel, so it is very efficient. The keys from a domain
   of 1,000 hosts can be collected in tens of seconds, even when some of
   those hosts are down or do not run ssh."

that a failure on one host would not indicate the others, but it appears
that is not the case.

So, in the case where I saw large number of ssh-keyscan failures, they
are in fact linked to 2 failure.