如何在使用JSch SFTP库时解析Java UnknownHostKey? [英] How to resolve Java UnknownHostKey, while using JSch SFTP library?

查看:205
本文介绍了如何在使用JSch SFTP库时解析Java UnknownHostKey?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在运行一个java程序,我使用Java SFTP将文件从一个文件夹传输到另一个文件夹。我遇到的问题是我在Java SFTP中遇到以下错误(使用JSch):

I'm running a java program where I transfer a file from one folder to another, using Java SFTP. The problem I'm having is that I'm getting the following error in my Java SFTP (using JSch) :


C:\ Oracle\Middleware\Oracle_Home\oracle_common\jdk\bin\javaw.exe
-server -classpath C:\JDeveloper\mywork\Java_Hello_World.adf; C:\JDeveloper\ mywork\Java_Hello_World\Client\classes; C:\Users\ADMIN\Downloads\jsch-0.1.53.jar
-Djavax.net.ssl.trustStore = C:\Users\\ \\IBM_AD〜1\AppData\Local\Temp\trustStore5840796204189742395.jks
文件传输com.jcraft.jsch.JSchException:UnknownHostKey:127.0.0.1。
RSA密钥指纹是com.jcraft.jsch的a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc
。 Session.checkHost(Session.java:797)at
com.jcraft.jsch.Session.connect(Session.java:342)at
com.jcraft.jsch.Session.connect(Session.java: 183)at
FileTransfer.main(FileTransfer.java:33)进程退出,退出代码
0。

C:\Oracle\Middleware\Oracle_Home\oracle_common\jdk\bin\javaw.exe -server -classpath C:\JDeveloper\mywork\Java_Hello_World.adf;C:\JDeveloper\mywork\Java_Hello_World\Client\classes;C:\Users\ADMIN\Downloads\jsch-0.1.53.jar -Djavax.net.ssl.trustStore=C:\Users\IBM_AD~1\AppData\Local\Temp\trustStore5840796204189742395.jks FileTransfer com.jcraft.jsch.JSchException: UnknownHostKey: 127.0.0.1. RSA key fingerprint is a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc at com.jcraft.jsch.Session.checkHost(Session.java:797) at com.jcraft.jsch.Session.connect(Session.java:342) at com.jcraft.jsch.Session.connect(Session.java:183) at FileTransfer.main(FileTransfer.java:33) Process exited with exit code 0.

以下是我目前的代码:

FileTransfer fileTransfer = new FileTransfer();              

JSch jsch = new JSch();

try {

    String host = "127.0.0.1";
    int port = 22;

    String user = "user";
    Session session = jsch.getSession(user, host, port);      
    session = jsch.getSession("username", "127.0.0.1", 22);
    session.connect();  // bug here , java.net.ConnectException

    ChannelSftp sftp = null;
    sftp = (ChannelSftp)session.openChannel("sftp") ; //channel;

    //extra config code
    java.util.Properties config = new java.util.Properties(); 
    config.put("StrictHostKeyChecking", "no");
    session.setConfig(config);
    // end extra config code

    sftp.rename("C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_1\\house.bmp", "C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_2\\house.bmp");  
    session.disconnect();

} catch (JSchException e) {
    e.printStackTrace();  
} catch (SftpException e) {
    e.printStackTrace();
} //end-catch

我的Cygwin已设置好,我检查了(带有 netstat -a -b )它正在运行。

My Cygwin is set up, and I checked (with netstat -a -b ) that it's running.

推荐答案

你是尝试通过将 StrictHostKeyChecking 设置为 no 来跳过主机密钥检查。

You are trying to skip a host key checking by setting StrictHostKeyChecking to no.

但是你必须在检查之前做到这一点,即在 session.connect()之前。

But you have to do that before the checking, i.e. before the session.connect().

无论如何,除非你不关心安全性,否则你绝不应该这样做。主机密钥检查可以保护您免受中间人攻击

Anyway, you should never do this, unless you do not care about security. The host key checking is there to protect you from man-in-the-middle attacks.

相反,设置一个预期的主机密钥让JSch验证它。

Instead, set up an expected host key to let JSch verify it.

For示例:


  • 调用 JSch.setKnownHosts 提供<的路径code> .ssh / known_hosts -like file。

  • Call JSch.setKnownHosts providing a path to a .ssh/known_hosts-like file.

生成 .ssh / known_hosts -like文件,您可以使用OpenSSH中的 ssh-keyscan 命令。如果你从* nix服务器连接,你应该有命令可用,只需运行

To generate the .ssh/known_hosts-like file, you can use an ssh-keyscan command from OpenSSH. If you are connecting from a *nix server, you should have the command available, just run

ssh-keyscan example.com > known_hosts

它的格式如下:

example.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S+BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc+nQVA+SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J+5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA+dtAHyDyYVHB4FnYZPL0hgz2PSb9c+iDEiFcT/lT4/dQ+kRW6DYn66lS8peS8zCJ9CSQ==

并在您的JSch代码中引用生成的 known_hosts 文件。

And reference the generated known_hosts file in your JSch code.

如果您使用的是Windows,则可以从 ssh-keyscan 的Windows版本。 / PowerShell / Win32-OpenSSH /发布rel =nofollow noreferrer> Win32-OpenSSH项目或Git for Windows。

If you are on Windows, you can get a Windows build of ssh-keyscan from Win32-OpenSSH project or Git for Windows.

致电 JSch.getHostKeyRepository()。add()提供预期的主机密钥(例如硬编码,作为您的其他凭证)。

Call JSch.getHostKeyRepository().add() to provide the expected host key (e.g. hard-coded, as your other credentials).

请参阅从.pub格式的公钥创建JSch HostKey实例

这篇关于如何在使用JSch SFTP库时解析Java UnknownHostKey?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆