我有一个奇怪的问题sshj(我正在使用sshj v0.6.0),我需要一些人的帮助.使用公钥进行身份验证在某些计算机上运行正常但在其他计算机上无法正常工作,我看到以下错误.
唯一不同的是,有问题的UNIX ID有问题,即coonradt似乎在〜/ .ssh/config下面的下面列出的配置设置只在触发了以下错误的框上
Host *
Protocol 1,2
FallBackToRsh no
ForwardAgent yes
ForwardX11 yes
PasswordAuthentication yes
RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes
NoHostAuthenticationForLocalhost yes
StrictHostKeyChecking no
KeepAlive yes
从上面的配置文件中我了解到有问题的ID应该使用Protocol 1,2并且我怀疑这可能与我的失败有关(我不是很确定,但这只是一个预感)
对于其工作正常的所有其他UNIX ID,我没有任何这样的配置文件.
PS:我无法更改UNIX ID"coonradt"的配置,因为中央哈德森服务器正在使用此ID.
如果有人可以帮助我建议这里可能有什么问题,我将不胜感激
以下是我看到的错误:
Oct 24, 2011 2:30:37 AM net.schmizz.sshj.DefaultConfig initCipherFactories
WARNING: Disabling high-strength ciphers: cipher strengths apparently limited by JCE policy
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl init
INFO: Client identity string: SSH-2.0-SSHJ_0_6_0
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl init
INFO: Server identity string: SSH-1.99-OpenSSH_4.3
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger sendKexInit
INFO: Sending SSH_MSG_KEXINIT
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger handle
INFO: Received SSH_MSG_KEXINIT
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.kex.AbstractDHG init
INFO: Sending SSH_MSG_KEXDH_INIT
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger handle
INFO: Received kex followup data
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.kex.AbstractDHG next
INFO: Received SSH_MSG_KEXDH_REPLY
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl die
SEVERE: Dying because - net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22
Oct 24, 2011 2:30:38 AM net.schmizz.concurrent.Promise tryRetrieve
SEVERE: <<kex done>> woke to: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22
Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl setService
INFO: Setting active service to null-service
Oct 24, 2011 2:30:38 AM com.test.jaws.execution.ssh.impl.SSHJClientImpl$ExceptionHandler handleSevereCondition
SEVERE: mymachine.domain.com is not added to your /x/home/coonradt/.ssh/known_hosts file.
Throwable occurred: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22
at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:222)
at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373)
at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477)
at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127)
at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195)
at net.schmizz.sshj.transport.Reader.run(Reader.java:72)
Pra*_*nav 20
您可以将SSH客户端设置为接受所有密钥而无需任何验证(忽略主机密钥验证)
SSHClient sshClient = new SSHClient();
sshClient.addHostKeyVerifier(new PromiscuousVerifier());
...
shi*_*har 16
如何为这台机器添加HostKeyVerifier?
sshClient.addHostKeyVerifier("ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41");
它不会自动发生的原因可能是因为known_hosts文件不在$(user.home)/.ssh/known_hosts.您还可以从特定位置显式加载已知主机.
sshClient.loadKnownHosts(new File("path_to_known_hosts"));
小智 7
try {
ssh.connect(envConf.getIp(), port);
} catch (TransportException e) {
if (e.getDisconnectReason() == DisconnectReason.HOST_KEY_NOT_VERIFIABLE) {
String msg = e.getMessage();
String[] split = msg.split("`");
String vc = split[3];
ssh = new SSHClient();
ssh.addHostKeyVerifier(vc);
ssh.connect(envConf.getIp(), port);
} else {
throw e;
}
}
ssh.authPassword(envConf.getName(), envConf.getPw());
ssh.newSCPFileTransfer().download(envConf.getHomePath() + FilePath, toPath);
| 归档时间: |
|
| 查看次数: |
15800 次 |
| 最近记录: |