0

I am working on the following python code to download files using pysftp

import pysftp

host = 'xxx.yyy.solutions'
port = 22
username = 'Abc.xyz'
password= '1234_abcd$'
cnopts=pysftp.CnOpts()

cnopts = pysftp.CnOpts(knownhosts='known_hosts')
conn = pysftp.Connection(host=host,username=username, password=password,cnopts=cnopts)

But the above code generates an exception

pysftp.exceptions.HostKeysException: No Host Keys Found

The ssh-keyscan 'xxx.yyy.solutions' command shows the output as

ssh-keyscan out put

user1716729
  • 387
  • 1
  • 6
  • 19
  • Does this answer your question? [Verify host key with pysftp](https://stackoverflow.com/questions/38939454/verify-host-key-with-pysftp) – Martin Prikryl Mar 16 '22 at 17:29

1 Answers1

0

For anyone still having trouble with this create a folder in your user called ".ssh" and then create a file named "known_hosts" in that folder. Afterward, run the below code to create a host key for your site.

import pysftp

Hostname = "your_hostname"
Username = 'your_username'
Password = "your_password"
Port = 22

host = Hostname

# Loads .ssh/known_hosts    
cnopts = pysftp.CnOpts()

hostkeys = None

if cnopts.hostkeys.lookup(host) == None:
    print("New host - will accept any host key")
    # Backup loaded .ssh/known_hosts file
    hostkeys = cnopts.hostkeys
    # And do not verify host key of the new host
    cnopts.hostkeys = None

with pysftp.Connection(Hostname, username=Username, password=Password, port=Port, cnopts=cnopts) as sftp:
    if hostkeys != None:
        print("Connected to new host, caching its hostkey")
        hostkeys.add(
            host, sftp.remote_server_key.get_name(), 
                sftp.remote_server_key)
        hostkeys.save(pysftp.helpers.known_hosts())

Finally, add the below code creating the connection object, the issue will be resolved and is better than disabling cynopts

cnopts = pysftp.CnOpts()
cnopts.hostkeys.load('C:/Users/_your_user_/.ssh/known_hosts')

I am not sure if this is the best way to go about it but this is the solution that I found after months of digging.

KHCJR0587
  • 1
  • 1
  • What the *"file named "local_host""* good for? You never use it in your code. + Why don't you simply use `ssh-keyscan`? See [Verify host key with pysftp](https://stackoverflow.com/q/38939454/850848). – Martin Prikryl Dec 14 '22 at 06:55
  • I tried that approach but couldn't get it to work, I also corrected the typo, I meant known_hosts. For some reason, the code would error out if there wasn't a file in that folder already named "known_hosts", why idk. – KHCJR0587 Dec 14 '22 at 12:51
  • You should not use pysftp in the first place. It's abandoned project. And yes, it has known issues with `known_hosts` among others. My answer to the linked question says that too. And that still does not explain why you don't use `ssh-keyscan`. – Martin Prikryl Dec 14 '22 at 13:36
  • *I tried that approach but couldn't get it to work*....What I posted worked for me; is it the best solution? Let me reiterate the last sentence in my original comment: "I am not sure if this is the best way to go about it but this is the solution that I found after months of digging." – KHCJR0587 Dec 14 '22 at 14:07
  • The best way is not to use pysftp. Use Paramiko instead. – Martin Prikryl Dec 14 '22 at 15:13