问题
Need to SSH to destination host through jumphost. Had tried the same mentioned in JSch JumpHosts example.
Session[] sessions = new Session[2];
Session session = null;
sessions[0] = session = jsch.getSession(getUserName(), "jumphost1.com", 22);
session.setPassword(getHostPassword());
UserInfo userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
Properties prop = new Properties();
prop.put("StrictHostKeyChecking", "no");
prop.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(prop);
session.connect();
String host = "host1.com";
int assignedPort = session.setPortForwardingL(0, host, 22);
LOGGER.info("Jump host the {} of agent {} and port forwarding {}", i, host, assignedPort);
sessions[i] = session = jsch.getSession(getUserName(), "127.0.0.1", assignedPort);
session.setPassword(getHostPassword());
userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
session.setHostKeyAlias(host);
session.connect();
Getting below exception when connection to destination host:
Caused by: com.jcraft.jsch.JSchException: reject HostKey: 127.0.0.1
at com.jcraft.jsch.Session.checkHost(Session.java:799)
at com.jcraft.jsch.Session.connect(Session.java:345)
at com.jcraft.jsch.Session.connect(Session.java:183)
I am trying to login to host host1.com
through jumphost1.com
- login to
jumphost1.com
- then ssh
host1.com
- execute the commands in the
host1
回答1:
Your code for connecting through jumphost is correct.
The only problem is that your local host key repository contains a different host key for the second host, than what you receive from the real (second) host.
You actually do not seem to care about security, as you set StrictHostKeyChecking=no
for the jumphost session (what the official example rightly does not do!). But you do not do the same for the second session, hence the error.
See also How to resolve Java UnknownHostKey, while using JSch SFTP library?
来源:https://stackoverflow.com/questions/48403041/reject-hostkey-when-connecting-to-remote-host-through-jumphost-with-jsch