SFTP without host key verification using J2SSH

In this post we will see how to make SFTP connection using J2SSH library and by pass host key verification.When client connects to server using SFTP, server provides public key to the client for verification.While connecting to a unknown host, it asks for key verification.Once, we allow it
key exchange takes place and user authentication can be done after that.

Sample message :

The host shell.fuzion.com is currently unknown to the system
The host key fingerprint is: 1028: 69 54 9c 49 e5 92 59 40 5 66 c5 2e 9d 86 af ed
Do you want to allow this host key? [Yes|No|Always]:

Sometimes, you may want to override this for uninterrupted operation.

In J2SSH 0.2.9 there is a method IgnoreHostKeyVerification(), which simply ignore the process.

Please go through following code for the reference.

SshClient ssh = new SshClient();try {
ssh.connect(hostname,22,new IgnoreHostKeyVerification()); //standard port 22 is used
}catch (Exception ex){
System.out.println(“Error connecting …”+ex.getMessage()+”\n”);
ex.printStackTrace();
}

PasswordAuthenticationClient passwordAuthenticationClient =
new PasswordAuthenticationClient();
passwordAuthenticationClient.setUsername(USERNAME);
passwordAuthenticationClient.setPassword(PASSWORD);

int result = ssh.authenticate(passwordAuthenticationClient);

if(result==AuthenticationProtocolState.FAILED)
System.out.println(“The authentication failed”);

if(result==AuthenticationProtocolState.PARTIAL)
System.out.println(“The authentication succeeded but another authentication is required”);

if(result==AuthenticationProtocolState.COMPLETE)
System.out.println(“The authentication is complete”);

// Open the SFTP channel
SftpClient sftp = ssh.openSftpClient();

sftp = ssh.openSftpClient();

//filepath is the file to be copied and fos is the destination file output stream
sftp.get(“filepath”,”fos”);

Note: For older verison of J2SSH you can try using AlwaysAllowingConsoleKnownHostsKeyVerification class .

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *