使用 JSch SFTP 库时如何解析 Java UnknownHostKey? [英] How to resolve Java UnknownHostKey, while using JSch SFTP library?
问题描述
我正在运行一个 Java 程序,我使用 Java SFTP 将文件从一个文件夹传输到另一个文件夹.我遇到的问题是我的 Java SFTP(使用 JSch)中出现以下错误:
<块引用>C:OracleMiddlewareOracle_Homeoracle_commonjdkinjavaw.exe-server -classpath C:JDevelopermyworkJava_Hello_World.adf;C:JDevelopermyworkJava_Hello_WorldClientclasses;C:UsersADMINDownloadsjsch-0.1.53.jar-Djavax.net.ssl.trustStore=C:UsersIBM_AD~1AppDataLocalTemp rustStore5840796204189742395.jksFileTransfer com.jcraft.jsch.JSchException:UnknownHostKey:127.0.0.1.RSA 密钥指纹为 a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc在 com.jcraft.jsch.Session.checkHost(Session.java:797) 在com.jcraft.jsch.Session.connect(Session.java:342) 在com.jcraft.jsch.Session.connect(Session.java:183) 在FileTransfer.main(FileTransfer.java:33) 进程以退出代码退出0.
以下是我目前的代码:
FileTransfer fileTransfer = new FileTransfer();JSch jsch = new JSch();尝试 {字符串主机 = "127.0.0.1";内部端口 = 22;字符串用户 = "用户";Session session = jsch.getSession(user, host, port);session = jsch.getSession("用户名", "127.0.0.1", 22);会话连接();//这里的错误,java.net.ConnectExceptionChannelSftp sftp = null;sftp = (ChannelSftp)session.openChannel("sftp") ;//渠道;//额外的配置代码java.util.Properties config = new java.util.Properties();config.put("StrictHostKeyChecking", "no");session.setConfig(config);//结束额外的配置代码sftp.rename("C:\Users\ADMIN\Desktop\Work\ConnectOne_Bancorp\Java_Work\SFTP_1\house.bmp", "C:\Users\ADMIN\Desktop\Work\ConnectOne_Bancorp\Java_Work\SFTP_2\house.bmp");session.disconnect();} catch (JSchException e) {e.printStackTrace();} catch (SftpException e) {e.printStackTrace();}//收尾
我的 Cygwin 已设置,我检查(使用 netstat -a -b
)它正在运行.
您试图通过将 StrictHostKeyChecking
设置为 no
来跳过主机密钥检查.
但是你必须在检查之前这样做,即在 session.connect()
之前.
无论如何,你永远不应该这样做,除非你不关心安全.主机密钥检查旨在保护您免受中间人攻击.
相反,设置一个预期的主机密钥让 JSch 验证它.
例如:
调用
JSch.setKnownHosts
提供了一个类似.ssh/known_hosts
的文件的路径.要生成类似
.ssh/known_hosts
的文件,您可以使用来自 OpenSSH 的ssh-keyscan
命令.如果你从 *nix 服务器连接,你应该有可用的命令,只需运行ssh-keyscan example.com >已知主机
它将具有如下格式:
<预> <代码> example.com SSH-RSA AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S + BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc + nQVA + SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J + 5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA + dtAHyDyYVHB4FnYZPL0hgz2PSb9c + iDEiFcT/LT4/dQ的+ kRW6DYn66lS8peS8zCJ9CSQ ==并在您的 JSch 代码中引用生成的
known_hosts
文件.如果您使用的是 Windows,则可以从 ssh-keyscan 的 Windows 版本"noreferrer">Win32-OpenSSH 项目 或适用于 Windows 的 Git.
调用
JSch.getHostKeyRepository().add()
以提供预期的主机密钥(例如,硬编码,作为您的其他凭据).
I'm running a java program where I transfer a file from one folder to another, using Java SFTP. The problem I'm having is that I'm getting the following error in my Java SFTP (using JSch) :
C:OracleMiddlewareOracle_Homeoracle_commonjdkinjavaw.exe -server -classpath C:JDevelopermyworkJava_Hello_World.adf;C:JDevelopermyworkJava_Hello_WorldClientclasses;C:UsersADMINDownloadsjsch-0.1.53.jar -Djavax.net.ssl.trustStore=C:UsersIBM_AD~1AppDataLocalTemp rustStore5840796204189742395.jks FileTransfer com.jcraft.jsch.JSchException: UnknownHostKey: 127.0.0.1. RSA key fingerprint is a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc at com.jcraft.jsch.Session.checkHost(Session.java:797) at com.jcraft.jsch.Session.connect(Session.java:342) at com.jcraft.jsch.Session.connect(Session.java:183) at FileTransfer.main(FileTransfer.java:33) Process exited with exit code 0.
The following is my code so far:
FileTransfer fileTransfer = new FileTransfer();
JSch jsch = new JSch();
try {
String host = "127.0.0.1";
int port = 22;
String user = "user";
Session session = jsch.getSession(user, host, port);
session = jsch.getSession("username", "127.0.0.1", 22);
session.connect(); // bug here , java.net.ConnectException
ChannelSftp sftp = null;
sftp = (ChannelSftp)session.openChannel("sftp") ; //channel;
//extra config code
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
// end extra config code
sftp.rename("C:\Users\ADMIN\Desktop\Work\ConnectOne_Bancorp\Java_Work\SFTP_1\house.bmp", "C:\Users\ADMIN\Desktop\Work\ConnectOne_Bancorp\Java_Work\SFTP_2\house.bmp");
session.disconnect();
} catch (JSchException e) {
e.printStackTrace();
} catch (SftpException e) {
e.printStackTrace();
} //end-catch
My Cygwin is set up, and I checked (with netstat -a -b
) that it's running.
You are trying to skip a host key checking by setting StrictHostKeyChecking
to no
.
But you have to do that before the checking, i.e. before the session.connect()
.
Anyway, you should never do this, unless you do not care about security. The host key checking is there to protect you from man-in-the-middle attacks.
Instead, set up an expected host key to let JSch verify it.
For example:
Call
JSch.setKnownHosts
providing a path to a.ssh/known_hosts
-like file.To generate the
.ssh/known_hosts
-like file, you can use anssh-keyscan
command from OpenSSH. If you are connecting from a *nix server, you should have the command available, just runssh-keyscan example.com > known_hosts
It will have a format like:
example.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S+BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc+nQVA+SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J+5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA+dtAHyDyYVHB4FnYZPL0hgz2PSb9c+iDEiFcT/lT4/dQ+kRW6DYn66lS8peS8zCJ9CSQ==
And reference the generated
known_hosts
file in your JSch code.If you are on Windows, you can get a Windows build of
ssh-keyscan
from Win32-OpenSSH project or Git for Windows.Call
JSch.getHostKeyRepository().add()
to provide the expected host key (e.g. hard-coded, as your other credentials).See Creating JSch HostKey instance from a public key in .pub format.
这篇关于使用 JSch SFTP 库时如何解析 Java UnknownHostKey?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!