“reject HostKey” when connecting to remote host through jumphost with JSch

有些话、适合烂在心里 提交于 2019-11-30 05:12:37

问题


Need to SSH to destination host through jumphost. Had tried the same mentioned in JSch JumpHosts example.

Session[] sessions = new Session[2];
Session session = null;

sessions[0] = session = jsch.getSession(getUserName(), "jumphost1.com", 22);
session.setPassword(getHostPassword());
UserInfo userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
Properties prop = new Properties();
prop.put("StrictHostKeyChecking", "no");
prop.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(prop);
session.connect();

String host = "host1.com";
int assignedPort = session.setPortForwardingL(0, host, 22);
LOGGER.info("Jump host the {} of agent {} and port forwarding {}", i, host, assignedPort);

sessions[i] = session = jsch.getSession(getUserName(), "127.0.0.1", assignedPort);
session.setPassword(getHostPassword());
userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
session.setHostKeyAlias(host);
session.connect();

Getting below exception when connection to destination host:

Caused by: com.jcraft.jsch.JSchException: reject HostKey: 127.0.0.1
    at com.jcraft.jsch.Session.checkHost(Session.java:799)
    at com.jcraft.jsch.Session.connect(Session.java:345)
    at com.jcraft.jsch.Session.connect(Session.java:183)

I am trying to login to host host1.com through jumphost1.com

  • login to jumphost1.com
  • then ssh host1.com
  • execute the commands in the host1

回答1:


Your code for connecting through jumphost is correct.

The only problem is that your local host key repository contains a different host key for the second host, than what you receive from the real (second) host.

You actually do not seem to care about security, as you set StrictHostKeyChecking=no for the jumphost session (what the official example rightly does not do!). But you do not do the same for the second session, hence the error.

See also How to resolve Java UnknownHostKey, while using JSch SFTP library?



来源:https://stackoverflow.com/questions/48403041/reject-hostkey-when-connecting-to-remote-host-through-jumphost-with-jsch

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!