JSch:UnknownHostKey异常,即使在known_hosts文件中存在hostkey指纹 [英] JSch: UnknownHostKey exception even when the hostkey fingerprint is present in the known_hosts file
问题描述
关于此例外,有两个问题:
There are two questions about this exception already:
- JSchException: UnknownHostKey and
- com.jcraft.jsch.JSchException: UnknownHostKey
我正在使用Windows机器尝试连接到使用运行Ubuntu的Vagrant创建的VM。这是我的代码:
I am using a Windows machine and trying to connect to a VM created with Vagrant running Ubuntu. Here is my code:
public static void main(String[] args) {
String host = "localhost";
String username = "vagrant";
int port = 2200;
String privateKey = "C:\\keys\\openSSH_pair1\\open_ssh_private";
JSch js = new JSch();
try {
js.addIdentity(privateKey, "pass");
js.setKnownHosts("C:\\Users\\user\\.ssh\\known_hosts");
Session session = js.getSession(username, host, port);
session.connect();
System.out.println("Connected");
} catch (JSchException e) {
e.printStackTrace();
}
}
@Pascal建议设置 strictHostKeyChecking 到没有,这对我有用,但这不是首选的解决方案。他首选的解决方案是从命令行进行SSH,以便将主机添加到 known_hosts 文件中。我安装了Git并执行了 ssh -i openSSH_pair1 \open_ssh_private vagrant @ localhost -p 2200
并在提示输入密码并建立一个密码之前收到此输出连接
@Pascal suggests setting strictHostKeyChecking to no, which works for me, but this is not the preferred solution. His preferred solution is to SSH from the command line so that the host will be added to the known_hosts file. I have Git installed and executed ssh -i openSSH_pair1\open_ssh_private vagrant@localhost -p 2200
and received this output before being prompted for the pass phrase and establishing a connection
主机'[localhost]的真实性:2200([127.0.0.1]:2200)'不能
成立。 ECDSA密钥指纹是
11:5d:55:29:8a:77:d8:08:b4:00:9b:a3:61:93:fe:e5。你确定你想要
继续连接(是/否)?是警告:永久性地将
'[localhost]:2200'(ECDSA)添加到已知主机列表中。
The authenticity of host '[localhost]:2200 ([127.0.0.1]:2200)' can't be established. ECDSA key fingerprint is 11:5d:55:29:8a:77:d8:08:b4:00:9b:a3:61:93:fe:e5. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[localhost]:2200' (ECDSA) to the list of known hosts.
所以现在 git_home\.ssh 中的 known_hosts 文件包含 localhost:2200 <的条目/ code>,我还将 known_hosts 文件放入 user_home\.ssh 。我还把我的私钥放在VM上我试图ssh进入并运行它来生成一个公钥并将其添加到 authorized_keys
So now my known_hosts file in git_home\.ssh contains an entry for localhost:2200, I also placed the known_hosts file into user_home\.ssh. I also put my private key on the VM I'm trying to ssh into and ran this to generate a public key and add it to the authorized_keys
ssh-keygen -y -f open_ssh_private > open_ssh_gen.pub
cat open_ssh_gen.pub >> ~/.ssh/authorized_keys
但是我仍然得到这个例外
However I still get this exception
com.jcraft.jsch.JSchException: UnknownHostKey: localhost. RSA key fingerprint is 50:db:75:ba:11:2f:43:c9:ab:14:40:6d:7f:a1:ee:e3
at com.jcraft.jsch.Session.checkHost(Session.java:797)
at com.jcraft.jsch.Session.connect(Session.java:342)
at com.jcraft.jsch.Session.connect(Session.java:183)
at connect.Main.main(Main.java:24)
其他问题的答案建议添加下面哪个对我不起作用
The answer to the other question suggests adding the below which doesn't work for me either
js.setKnownHosts("C:\\Users\\user\\.ssh\\known_hosts");
推荐答案
问题是你已经添加了ECDSA主机密钥 known_hosts ,因为 ssh 更喜欢该密钥类型:
The problem is that you have added ECDSA host key to the known_hosts, as the ssh prefers that key type:
ECDSA密钥指纹是11:5d:55:29:8a:77:d8:08:b4:00:9b:a3:61:93:fe:e5。
ECDSA key fingerprint is 11:5d:55:29:8a:77:d8:08:b4:00:9b:a3:61:93:fe:e5.
但是JSch更喜欢RSA密钥,它在 known_hosts 中找不到:
But JSch prefers RSA key, which it won't find in the known_hosts:
RSA密钥指纹为50:db:75:ba:11:2f:43:c9:ab:14:40:6d:7f:a1 :ee:e3
RSA key fingerprint is 50:db:75:ba:11:2f:43:c9:ab:14:40:6d:7f:a1:ee:e3
您可能需要JCE才能在JSch中启用ECDSA。
You probably need JCE to enable ECDSA In JSch.
请参阅 JSch算法协商失败。
或者使 ssh 使用RSA密钥和 -o HostKeyAlgorithms = ssh -rsa 。
Or make ssh use RSA key with -o HostKeyAlgorithms=ssh-rsa.
这篇关于JSch:UnknownHostKey异常,即使在known_hosts文件中存在hostkey指纹的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
