ssh - How to resolve Java UnknownHostKey, while using JSch SFTP library? -

June 15, 2010

i'm running java program transfer file 1 folder another, using java sftp. problem i'm having i'm getting following error in java sftp (using jsch) :

c:\oracle\middleware\oracle_home\oracle_common\jdk\bin\javaw.exe -server -classpath c:\jdeveloper\mywork\java_hello_world.adf;c:\jdeveloper\mywork\java_hello_world\client\classes;c:\users\admin\downloads\jsch-0.1.53.jar -djavax.net.ssl.truststore=c:\users\ibm_ad~1\appdata\local\temp\truststore5840796204189742395.jks filetransfer com.jcraft.jsch.jschexception: unknownhostkey: 127.0.0.1. rsa key fingerprint a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc @ com.jcraft.jsch.session.checkhost(session.java:797) @ com.jcraft.jsch.session.connect(session.java:342) @ com.jcraft.jsch.session.connect(session.java:183) @ filetransfer.main(filetransfer.java:33) process exited exit code 0.

the following code far:

filetransfer filetransfer = new filetransfer();                jsch jsch = new jsch();  try {      string host = "127.0.0.1";     int port = 22;      string user = "user";     session session = jsch.getsession(user, host, port);           session = jsch.getsession("username", "127.0.0.1", 22);     session.connect();  // bug here , java.net.connectexception      channelsftp sftp = null;     sftp = (channelsftp)session.openchannel("sftp") ; //channel;      //extra config code     java.util.properties config = new java.util.properties();      config.put("stricthostkeychecking", "no");     session.setconfig(config);     // end config code      sftp.rename("c:\\users\\admin\\desktop\\work\\connectone_bancorp\\java_work\\sftp_1\\house.bmp", "c:\\users\\admin\\desktop\\work\\connectone_bancorp\\java_work\\sftp_2\\house.bmp");       session.disconnect();  } catch (jschexception e) {     e.printstacktrace();   } catch (sftpexception e) {     e.printstacktrace(); } //end-catch

my cygwin set up, , checked (with netstat -a -b ) it's running.

you trying skip host key checking setting stricthostkeychecking no.

but have before checking, i.e. before session.connect().

anyway, should never this, unless not care security. host key checking there protect man-in-the-middle attacks.

instead, set expected host key let jsch verify it.

for example:

call jsch.setknownhosts providing path .ssh/known_hosts-like file.

to generate .ssh/known_hosts-like file, can use ssh-keyscan command openssh. if connecting *nix server, should have command available, run

ssh-keyscan example.com > known_hosts

it have format like:

example.com ssh-rsa aaaab3nzac1yc2eaaaabiwaaaqea0hvqzovz7ywgie9ohdtorjvi5fjjoh1yegamad5g3werh0z7e9ybtq1mguerkjtea7bzru0isr0ez9hionogyrdmi7s+biwpdbukjva4masvzzvsy6ogy/apkxm6kbcml8u4wjxaow3nkzkqebvr3pc+nqva+sjuzq8d2xbrd4edufxelzwqwen9g7gslgb1hjksurtgrfohbluucknr8rv82i3jvlsnawb3mwn0m3wgdlja8j+5yag4e6jgskrscobzk7w1r6iuyuh1za+dtahydyyvhb4fnyzpl0hgz2psb9c+ideifct/lt4/dq+krw6dyn66ls8pes8zcj9csq==

and reference generated known_hosts file in jsch code.

if on windows, run command on server (from ssh terminal). , download generated known_hosts windows machine.

call jsch.gethostkeyrepository().add() provide expected host key (e.g. hard-coded, other credentials).

see creating jsch hostkey instance public key in .pub format.

Search This Blog

LP

ssh - How to resolve Java UnknownHostKey, while using JSch SFTP library? -

Comments

Post a Comment

Popular posts from this blog

PHP and MySQL WP -

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

go - golang pprof for c library code -