尝试使用sshj示例('exec'):无法使用指纹验证`ssh-rsa`主机密钥

问题描述 投票:5回答:3

我正在尝试编写一个Java程序,该程序将通过ssh连接并在工作中的服务器(redhat linux)上做一些事情。我的盒子是窗户。我阅读了有关sshj的文章,并试图使该示例生效。我已经处理了大多数依赖项,现在在处理公钥/私钥时遇到了一个错误,不幸的是,我在那里也不了解太多(是的,这是一场新手的完美风暴!)。这是错误:

线程“主”中的异常net.schmizz.sshj.transport.TransportException:[HOST_KEY_NOT_VERIFIABLE]无法为端口22上的ssh-rsa验证带有指纹5f:d6:94:00:9e:ec:7e:34:6d:d0:d3:76:df:5e:dd:3dmyserver主机密钥

这里是代码:

import net.schmizz.sshj.SSHClient;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.connection.channel.direct.Session;
import net.schmizz.sshj.connection.channel.direct.Session.Command;

import java.io.IOException;
import java.util.concurrent.TimeUnit;

/** This examples demonstrates how a remote command can be executed. */
public class sshBuddy {

    public static void main(String... args)
            throws IOException {
        final SSHClient ssh = new SSHClient();
        ssh.loadKnownHosts();
        //ssh.addHostKeyVerifier("5f:d6:94:00:9e:ec:7e:34:6d:d0:d3:76:df:5e:dd:3d");

        ssh.connect("myserver");
        try {
            ssh.authPublickey(System.getProperty("myusername"));
            final Session session = ssh.startSession();
            try {
                final Command cmd = session.exec("ping -c 1 google.com");
                System.out.println(IOUtils.readFully(cmd.getInputStream()).toString());
                cmd.join(5, TimeUnit.SECONDS);
                System.out.println("\n** exit status: " + cmd.getExitStatus());
            } finally {
                session.close();
            }
        } finally {
            ssh.disconnect();
        }
    }

}

任何帮助将不胜感激,谢谢!

fingerprint sshj
3个回答
8
投票

只需尝试一下

ssh.addHostKeyVerifier(new PromiscuousVerifier());

这应该工作

1
投票

尝试一下

    public class sshBuddy {

    public static void main(String... args)
            throws IOException {
        final SSHClient ssh = new SSHClient();
        //ssh.loadKnownHosts();
        ssh.addHostKeyVerifier("5f:d6:94:00:9e:ec:7e:34:6d:d0:d3:76:df:5e:dd:3d");

        ssh.connect("myserver");
        try {
            ssh.authPublickey(System.getProperty("myusername"));
            final Session session = ssh.startSession();
            try {
                final Command cmd = session.exec("ping -c 1 google.com");
                System.out.println(IOUtils.readFully(cmd.getInputStream()).toString());
                cmd.join(5, TimeUnit.SECONDS);
                System.out.println("\n** exit status: " + cmd.getExitStatus());
            } finally {
                session.close();
            }
        } finally {
            ssh.disconnect();
        }
    }
}

取消注释addHostKeyVerifier并注释loadKnownHosts。应该可以。

0
投票

这应该起作用:

ssh.addHostKeyVerifier("MD5:5f:d6:94:00:9e:ec:7e:34:6d:d0:d3:76:df:5e:dd:3d")

方法addHostKeyVerifier可以接收final String作为参数,该参数用于在类FingerprintVerifier.java中执行验证。

根据the repo,可以使用其他输入,例如:

  • "SHA1:2Fo8c/96zv32xc8GZWbOGYOlRak="
  • "SHA256:oQGbQTujGeNIgh0ONthcEpA/BHxtt3rcYY+NxXTxQjs="
  • "MD5:d3:5e:40:72:db:08:f1:6d:0c:d7:6d:35:0d:ba:7c:32"
  • "d3:5e:40:72:db:08:f1:6d:0c:d7:6d:35:0d:ba:7c:32"

如果有多个密钥,请仔细检查ssh服务器的默认公共密钥的指纹。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.