我们必须通过配置用户名,密码和公共密钥,使用代理服务器internet.ford.com从我们的应用程序连接到外部SFTP服务器。
我们正在面对带有JSch库的Java代码以连接到SFTP服务器。尝试从服务器环境(Dev,QA)中托管的应用程序连接SFTP服务器时,我们遇到了一个问题
我收到UnknownHostKey异常,如下面的日志所示。
4463 [8/19/19 12:05:06:301 EDT] 0001fadf TransCommunic I JSchException @ TransCommunicationMgr:- connect Result Code: UnknownHostKey: 74.126.93.138. RSA key fingerprint is e8:90:a9:f3:3d:8f:83:26:e3:24:2b:2f:a1:71:e3:7c
我在下面的代码块中将公共密钥设置为字节数组值。
// knownHostPublicKey is a String variable
knownHostPublicKey=config.getKnownHostPublicKey();
jsch.setKnownHosts(new
ByteArrayInputStream(knownHostPublicKey.getBytes()));
在显示一些代码部分中添加了涉及SFTP连接过程的完整代码。
我尝试使用Java JSch库和代理服务器internet.ford.com进行SFTP服务器连接
public Session connectSFTP(final FtpCredentials config)
throws OfBusinessRuntimeException{
final String METHOD_NAME = "connect";
log.entering(CLASS_NAME, METHOD_NAME, config);
/*Local attributes declaration */
String host = null;
String user = null;
String password = null;
int elapsedTime = 0;
int sftpPort = 0;
String knownHostPublicKey = null;
String sftpProxy = null;
int sftpProxyPort=0;
Session sftpSession = null;
JSch jsch = new JSch();
/* Beginning of try catch block */
try {
// Getting FTP connection details.
if (config != null) {
host = config.getHost();
user = config.getUserId();
sftpPort = config.getSftpPort();
password = config.getPassword();
elapsedTime = config.getElapsedTime();
knownHostPublicKey=config.getKnownHostPublicKey();
/*byte[] hostPublicKey=Base64.getDecoder().decode(knownHostPublicKey);
HostKey hostKey=new HostKey(host,hostPublicKey);
jsch.getHostKeyRepository().add(hostKey,null);
*/
jsch.
jsch.setKnownHosts(new ByteArrayInputStream(knownHostPublicKey.getBytes()));
sftpProxy=config.getSftpProxy();
sftpProxyPort=config.getSftpProxyPort();
sftpSession = jsch.getSession(user, host, sftpPort);
}
log.info("Before Connect " + host + " User :- " + user);
if (host == null || user == null || password == null) {
throw new OfBusinessRuntimeException(
"SFTP Host Information not found.");
}
sftpSession.setHost(host);
sftpSession.setPassword(password);
sftpSession.setPort(sftpPort);
//java.util.Properties config = new java.util.Properties();
// // force aes256-ctr encryption
//config.put("cipher.s2c", "aes256-ctr");
//config.put("cipher.c2s", "aes256-ctr");
//config.put("CheckCiphers", "aes256-ctr");
//session.setConfig(config);
sftpSession.setProxy(new ProxyHTTP(sftpProxy,sftpProxyPort));
/*
* Setting the timeout to 30 seconds to ensure connection is made
* for testing setting the port to 22 as this should be the one
* to accept the connection
**/
sftpSession.setTimeout(elapsedTime);
sftpSession.connect();
log.info("SFTP Session Connection is successful");
} catch (final JSchException jschException) {
jschException.printStackTrace();
log.info("JSchException @ TransCommunicationMgr:- "
+ METHOD_NAME + " Result Code: "
+ jschException.getMessage());
//throw new OfBusinessRuntimeException(jschException.getMessage(),jschException);
}
/* Log existing method. */
log.exiting(CLASS_NAME, METHOD_NAME, sftpSession);
return sftpSession;
}
期望与外部SFTP服务器的连接成功。
答案 0 :(得分:1)
JSch.setKnownHosts接受OpenSSH authorized_keys文件格式的公钥,例如:
example.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0hVqZOvZ7yWgie9OHdTORJVI5fJJoH1yEGamAd5G3werH0z7e9ybtq1mGUeRkJtea7bzru0ISR0EZ9HIONoGYrDmI7S+BiwpDBUKjva4mAsvzzvsy6Ogy/apkxm6Kbcml8u4wjxaOw3NKzKqeBvR3pc+nQVA+SJUZq8D2XBRd4EDUFXeLzwqwen9G7gSLGB1hJkSuRtGRfOHbLUuCKNR8RV82i3JvlSnAwb3MwN0m3WGdlJA8J+5YAg4e6JgSKrsCObZK7W1R6iuyuH1zA+dtAHyDyYVHB4FnYZPL0hgz2PSb9c+iDEiFcT/lT4/dQ+kRW6DYn66lS8peS8zCJ9CSQ==
这不是您使用的格式。