11

I am getting an exception while using SSHJ.

Here is how I implemented it:

public static void main(String[] args) throws IOException { 
    // TODO Auto-generated method stub 
    final SSHClient ssh = new SSHClient(); 
    ssh.loadKnownHosts(); 
    ssh.connect("serverName"); 
    try{ 
        ssh.authPublickey("myUserId"); 
        final Session session = ssh.startSession(); 
        try{ 
            final Command cmd = session.exec("net send myMachineName Hello!!!"); 
            System.out.println(cmd.getOutputAsString()); 
            System.out.println("\n Exit Status: "+cmd.getExitStatus()); 
        }finally{ 
            session.close(); 
        } 
        }finally{ 
            ssh.disconnect(); 
        }    
    } 

}

But I get the following exception:

Exception in thread "main" java.io.IOException: Could not load known_hosts
    at net.schmizz.sshj.SSHClient.loadKnownHosts(SSHClient.java:528)
    at SSHTEST.main(SSHTEST.java:25)

What am I doing wrong?

Joachim Sauer
  • 302,674
  • 57
  • 556
  • 614
user234194
  • 1,683
  • 10
  • 38
  • 56

3 Answers3

15

Use the folowing code

final SSHClient ssh = new SSHClient();  

ssh.addHostKeyVerifier(  
    new HostKeyVerifier() {  
        public boolean verify(String arg0, int arg1, PublicKey arg2) {  
            return true;  // don't bother verifying  
        }  
    }  
);  

ssh.connect("LocalHost");
Doug Porter
  • 7,721
  • 4
  • 40
  • 55
microag
  • 159
  • 1
  • 2
  • 15
    sshj already provides a verifier which just accepts whatever is thrown at it, try using: ssh.addHostKeyVerifier(new PromiscuousVerifier()); It will achieve the same thing without the need for the anonymous inner class. – Dave Birch Sep 26 '14 at 14:50
  • Do not do this. This will blindly accept the remote SSH key, regardless of whether or not it's actually trusted. The SSH protocol has the ability to prevent man-in-the-middle attacks. This hack completely skirts that functionality and assumes everything is trusted. – senfo Mar 23 '21 at 16:57
7

Remove the call to loadKnownHosts() method, which as erickson mentioned checks under ~/.ssh/known_hosts by default (you can specify the location as an argument as well though), and replace it with:

ssh.addHostKeyVerifier("public-key-fingerprint");

To find out what the fingerprint is, the twisted way would be to connect without that statement - you'll find out from the exception ;-)

shikhar
  • 2,432
  • 1
  • 19
  • 14
3

It sounds like it's trying to read a "known_hosts" file, but can't find it, or possibly it in an invalid format.

The SSH known hosts file records the public key for various hosts to thwart some spoofing attacks. Normally it resides in ~/.ssh/known_hosts. Try creating an empty file there and see if that satisfies the library.

The library documentation is likely to address the necessary configuration files.

erickson
  • 265,237
  • 58
  • 395
  • 493
  • @user234194: Make the file on the client. The server doesn't normally check where the client is coming from (that'd be a real PITA). – Donal Fellows Sep 04 '10 at 21:34