& quot;拒绝HostKey& quot;使用JSch通过jumphost连接到远程主机时 [英] "reject HostKey" when connecting to remote host through jumphost with JSch
问题描述
需要通过Jumphost SSH到目标主机.尝试过 JSch JumpHosts示例中提到的方法.
Need to SSH to destination host through jumphost. Had tried the same mentioned in JSch JumpHosts example.
Session[] sessions = new Session[2];
Session session = null;
sessions[0] = session = jsch.getSession(getUserName(), "jumphost1.com", 22);
session.setPassword(getHostPassword());
UserInfo userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
Properties prop = new Properties();
prop.put("StrictHostKeyChecking", "no");
prop.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(prop);
session.connect();
String host = "host1.com";
int assignedPort = session.setPortForwardingL(0, host, 22);
LOGGER.info("Jump host the {} of agent {} and port forwarding {}", i, host, assignedPort);
sessions[i] = session = jsch.getSession(getUserName(), "127.0.0.1", assignedPort);
session.setPassword(getHostPassword());
userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
session.setHostKeyAlias(host);
session.connect();
连接到目标主机时出现以下异常:
Getting below exception when connection to destination host:
Caused by: com.jcraft.jsch.JSchException: reject HostKey: 127.0.0.1
at com.jcraft.jsch.Session.checkHost(Session.java:799)
at com.jcraft.jsch.Session.connect(Session.java:345)
at com.jcraft.jsch.Session.connect(Session.java:183)
我正在尝试通过 jumphost1.com
- 登录到
jumphost1.com
- 然后ssh
host1.com
- 执行
host1
中的命令
- login to
jumphost1.com
- then ssh
host1.com
- execute the commands in the
host1
推荐答案
您通过Jumphost连接的代码正确.
Your code for connecting through jumphost is correct.
唯一的问题是,本地主机密钥存储库包含的第二个主机的主机密钥与从真实(第二个)主机收到的密钥不同.
The only problem is that your local host key repository contains a different host key for the second host, than what you receive from the real (second) host.
实际上,您似乎并没有关心安全,因为您为Jumphost会话设置了 StrictHostKeyChecking = no
(
You actually do not seem to care about security, as you set StrictHostKeyChecking=no
for the jumphost session (what the official example rightly does not do!). But you do not do the same for the second session, hence the error.
另请参见如何在使用JSch SFTP库时解析Java UnknownHostKey?
这篇关于& quot;拒绝HostKey& quot;使用JSch通过jumphost连接到远程主机时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!