如何在使用JSch SFTP库时解析Java UnknownHostKey? [英] How to resolve Java UnknownHostKey, while using JSch SFTP library?
问题描述
我正在运行一个java程序,我使用Java SFTP将文件从一个文件夹传输到另一个文件夹。我遇到的问题是我在Java SFTP中遇到以下错误(使用JSch):
I'm running a java program where I transfer a file from one folder to another, using Java SFTP. The problem I'm having is that I'm getting the following error in my Java SFTP (using JSch) :
C:\ Oracle\Middleware\Oracle_Home\oracle_common\jdk\bin\javaw.exe
-server -classpath C:\JDeveloper\mywork\Java_Hello_World.adf; C:\JDeveloper\ mywork\Java_Hello_World\Client\classes; C:\Users\ADMIN\Downloads\jsch-0.1.53.jar
-Djavax.net.ssl.trustStore = C:\Users\\ \\IBM_AD〜1\AppData\Local\Temp\trustStore5840796204189742395.jks
文件传输com.jcraft.jsch.JSchException:UnknownHostKey:127.0.0.1。
RSA密钥指纹是com.jcraft.jsch的a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc
。 Session.checkHost(Session.java:797)at
com.jcraft.jsch.Session.connect(Session.java:342)at
com.jcraft.jsch.Session.connect(Session.java: 183)at
FileTransfer.main(FileTransfer.java:33)进程退出,退出代码
0。
C:\Oracle\Middleware\Oracle_Home\oracle_common\jdk\bin\javaw.exe -server -classpath C:\JDeveloper\mywork\Java_Hello_World.adf;C:\JDeveloper\mywork\Java_Hello_World\Client\classes;C:\Users\ADMIN\Downloads\jsch-0.1.53.jar -Djavax.net.ssl.trustStore=C:\Users\IBM_AD~1\AppData\Local\Temp\trustStore5840796204189742395.jks FileTransfer com.jcraft.jsch.JSchException: UnknownHostKey: 127.0.0.1. RSA key fingerprint is a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc at com.jcraft.jsch.Session.checkHost(Session.java:797) at com.jcraft.jsch.Session.connect(Session.java:342) at com.jcraft.jsch.Session.connect(Session.java:183) at FileTransfer.main(FileTransfer.java:33) Process exited with exit code 0.
以下是我目前的代码:
FileTransfer fileTransfer = new FileTransfer();
JSch jsch = new JSch();
try {
String host = "127.0.0.1";
int port = 22;
String user = "user";
Session session = jsch.getSession(user, host, port);
session = jsch.getSession("username", "127.0.0.1", 22);
session.connect(); // bug here , java.net.ConnectException
ChannelSftp sftp = null;
sftp = (ChannelSftp)session.openChannel("sftp") ; //channel;
//extra config code
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
// end extra config code
sftp.rename("C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_1\\house.bmp", "C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_2\\house.bmp");
session.disconnect();
} catch (JSchException e) {
e.printStackTrace();
} catch (SftpException e) {
e.printStackTrace();
} //end-catch
我的Cygwin已设置好,我检查了(带有 netstat -a -b
)它正在运行。
My Cygwin is set up, and I checked (with netstat -a -b
) that it's running.
推荐答案
你是尝试通过将 StrictHostKeyChecking
设置为 no
来跳过主机密钥检查。
You are trying to skip a host key checking by setting StrictHostKeyChecking
to no
.
但是你必须在检查之前做到这一点,即在 session.connect()
之前。
But you have to do that before the checking, i.e. before the session.connect()
.
无论如何,除非你不关心安全性,否则你绝不应该这样做。主机密钥检查可以保护您免受中间人攻击。
Anyway, you should never do this, unless you do not care about security. The host key checking is there to protect you from man-in-the-middle attacks.
相反,设置一个预期的主机密钥让JSch验证它。
Instead, set up an expected host key to let JSch verify it.
For示例:
-
调用
JSch.setKnownHosts
提供<的路径code> .ssh / known_hosts -like file。
Call
JSch.setKnownHosts
providing a path to a.ssh/known_hosts
-like file.
生成 .ssh / known_hosts
-like文件,您可以使用OpenSSH中的 ssh-keyscan
命令。如果你从* nix服务器连接,你应该有命令可用,只需运行
To generate the .ssh/known_hosts
-like file, you can use an ssh-keyscan
command from OpenSSH. If you are connecting from a *nix server, you should have the command available, just run
ssh-keyscan example.com > known_hosts
它的格式如下:
example.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S+BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc+nQVA+SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J+5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA+dtAHyDyYVHB4FnYZPL0hgz2PSb9c+iDEiFcT/lT4/dQ+kRW6DYn66lS8peS8zCJ9CSQ==
并在您的JSch代码中引用生成的 known_hosts
文件。
And reference the generated known_hosts
file in your JSch code.
如果您使用的是Windows,则可以从 ssh-keyscan 的Windows版本。 / PowerShell / Win32-OpenSSH /发布rel =nofollow noreferrer> Win32-OpenSSH项目或Git for Windows。
If you are on Windows, you can get a Windows build of ssh-keyscan
from Win32-OpenSSH project or Git for Windows.
致电 JSch.getHostKeyRepository()。add()
提供预期的主机密钥(例如硬编码,作为您的其他凭证)。
Call JSch.getHostKeyRepository().add()
to provide the expected host key (e.g. hard-coded, as your other credentials).
请参阅从.pub格式的公钥创建JSch HostKey实例。
这篇关于如何在使用JSch SFTP库时解析Java UnknownHostKey?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!