By Coffee

2015-09-29 20:10:16 8 Comments

I'm running a java program where I transfer a file from one folder to another, using Java SFTP. The problem I'm having is that I'm getting the following error in my Java SFTP (using JSch) :

C:\Oracle\Middleware\Oracle_Home\oracle_common\jdk\bin\javaw.exe -server -classpath C:\JDeveloper\mywork\Java_Hello_World.adf;C:\JDeveloper\mywork\Java_Hello_World\Client\classes;C:\Users\ADMIN\Downloads\jsch-0.1.53.jar\Users\IBM_AD~1\AppData\Local\Temp\trustStore5840796204189742395.jks FileTransfer com.jcraft.jsch.JSchException: UnknownHostKey: RSA key fingerprint is a2:39:3f:44:88:e9:1f:d7:d1:71:f4:85:98:fb:90:dc at com.jcraft.jsch.Session.checkHost( at com.jcraft.jsch.Session.connect( at com.jcraft.jsch.Session.connect( at FileTransfer.main( Process exited with exit code 0.

The following is my code so far:

FileTransfer fileTransfer = new FileTransfer();              

JSch jsch = new JSch();

try {

    String host = "";
    int port = 22;

    String user = "user";
    Session session = jsch.getSession(user, host, port);      
    session = jsch.getSession("username", "", 22);
    session.connect();  // bug here ,

    ChannelSftp sftp = null;
    sftp = (ChannelSftp)session.openChannel("sftp") ; //channel;

    //extra config code
    java.util.Properties config = new java.util.Properties(); 
    config.put("StrictHostKeyChecking", "no");
    // end extra config code

    sftp.rename("C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_1\\house.bmp", "C:\\Users\\ADMIN\\Desktop\\Work\\ConnectOne_Bancorp\\Java_Work\\SFTP_2\\house.bmp");  

} catch (JSchException e) {
} catch (SftpException e) {
} //end-catch

My Cygwin is set up, and I checked (with netstat -a -b ) that it's running.


@swaz 2018-12-11 13:49:29

jsch version : 0.1.55

my problem solved by running :

ssh-keyscan -t rsa <HOST_NAME> >> ~/.ssh/known_hosts
ssh-keyscan -t rsa <IP_ADDRESS_OF_HOST_NAME> >> ~/.ssh/known_hosts

**in my case jsch was looking for ip address in known_hosts file


@Martin Prikryl 2015-09-30 06:07:33

You are trying to skip a host key checking by setting StrictHostKeyChecking to no.

But you have to do that before the checking, i.e. before the session.connect().

Anyway, you should never do this, unless you do not care about security. The host key checking is there to protect you from man-in-the-middle attacks.

Instead, set up an expected host key to let JSch verify it.

For example:

  • Call JSch.setKnownHosts providing a path to a .ssh/known_hosts-like file.

    To generate the .ssh/known_hosts-like file, you can use an ssh-keyscan command from OpenSSH. If you are connecting from a *nix server, you should have the command available, just run

    ssh-keyscan > known_hosts

    It will have a format like: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S+BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc+nQVA+SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J+5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA+dtAHyDyYVHB4FnYZPL0hgz2PSb9c+iDEiFcT/lT4/dQ+kRW6DYn66lS8peS8zCJ9CSQ==

    And reference the generated known_hosts file in your JSch code.

    If you are on Windows, you can get a Windows build of ssh-keyscan from Win32-OpenSSH project or Git for Windows.

  • Call JSch.getHostKeyRepository().add() to provide the expected host key (e.g. hard-coded, as your other credentials).

    See Creating JSch HostKey instance from a public key in .pub format.

@dave_thompson_085 2015-09-30 00:13:42

Aside: by "Cygwin" I assume you mean sshd or sftpd, because Cygwin itself doesn't do SSH.

Anyway, if you want Jsch client to accept any key from the host, move the .setConfig calls that sets StrictHostKeyChecking no so it is before session.connect(). Alternatively you must provide access to a store containing the correct key(s) for your hosts(s) as @Martin explains -- and you should always do that when connecting to anything other than "localhost" or possibly a machine certain to be on the same, physically-secure network segment (such as a wired LAN hub within a single room).

@Martin Prikryl 2015-09-30 06:09:12

"you must": Please do not suggest anyone not to verify the SSH host key. At least not without explaining the consequences. It's a terrible security mistake.

@Coffee 2015-09-30 16:36:31

what is sftpd by the way?

@dave_thompson_085 2015-10-01 01:00:49

@Coffee I meant "any server (in Unix usually something-d) that implements sftp specifically, but not the rest of ssh". For Linux that's usually (not always) vsftpd, but I don't know about cygwin. I probably should have said "an sftp server".

@Martin Prikryl 2015-10-01 14:26:30

@dave_thompson_085 For Linux, it's OpenSSH, not vsftpd. The same for Cygwin.

Related Questions

Sponsored Content

67 Answered Questions

[SOLVED] How do I generate random integers within a specific range in Java?

  • 2008-12-12 18:20:57
  • user42155
  • 4186063 View
  • 3595 Score
  • 67 Answer
  • Tags:   java random integer

29 Answered Questions

[SOLVED] How do I declare and initialize an array in Java?

  • 2009-07-29 14:22:27
  • bestattendance
  • 4635748 View
  • 2123 Score
  • 29 Answer
  • Tags:   java arrays

44 Answered Questions

[SOLVED] How do I efficiently iterate over each entry in a Java Map?

46 Answered Questions

[SOLVED] How do I convert a String to an int in Java?

59 Answered Questions

[SOLVED] How to create a memory leak in Java?

29 Answered Questions

[SOLVED] How do I determine whether an array contains a particular value in Java?

  • 2009-07-15 00:03:21
  • Mike Sickler
  • 2039401 View
  • 2342 Score
  • 29 Answer
  • Tags:   java arrays

21 Answered Questions

[SOLVED] How do I call one constructor from another in Java?

  • 2008-11-12 20:10:19
  • ashokgelal
  • 897791 View
  • 2323 Score
  • 21 Answer
  • Tags:   java constructor

59 Answered Questions

[SOLVED] How do I read / convert an InputStream into a String in Java?

2 Answered Questions

[SOLVED] com.jcraft.jsch.JSchException: 4: Received message is too long: 1416128878

  • 2013-11-20 09:41:10
  • sunil
  • 3184 View
  • 4 Score
  • 2 Answer
  • Tags:   sftp jsch

Sponsored Content