Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Configuring known_hosts in jgit

Tags:

java

git

ssh

jsch

jgit

Using jgit with gitolite for source control, I have an application that generates certain code on command and which we want to be committed to source control. The goal is to pull with a fast forward, commit the new code, and then push it.

I have the following method:

private void commitToGitRepository(String updateComment, Config config)
      throws IOException, NoFilepatternException, GitAPIException
{
   if(git == null)
   {
      git = Git.open(new File(config.getDpuCheckoutDir()));
   }
   PullCommand pull = git.pull();
   pull.call();
}

This method fails on the pull.call() method call, with the following exception:

com.jcraft.jsch.JSchException: UnknownHostKey: www.somehost.com. RSA key fingerprint is 9d:92:a9:c5:5d:cb:5f:dc:57:ff:38:7e:34:31:fe:75
at com.jcraft.jsch.Session.checkHost(Session.java:748)
at com.jcraft.jsch.Session.connect(Session.java:319)
at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:116)
at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:121)
at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:248)
at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:147)
at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:136)
at org.eclipse.jgit.transport.FetchProcess.execute(FetchProcess.java:122)
at org.eclipse.jgit.transport.Transport.fetch(Transport.java:1104)
at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:128)
at org.eclipse.jgit.api.PullCommand.call(PullCommand.java:245)
at net.intellidata.dpu.controller.schema.EntityMappingController.commitToGitRepository(EntityMappingController.java:149)
... (truncated where it meets my code)

The way I read this, it seems that it's not finding my known_hosts file in user_home/.git. However, I've been searching for an hour and I'm not finding a way to configure JGit to tell JSch where to look for the known_hosts file.

Suggestions? I know the entry for the origin is present in my known_hosts file

like image 918
StormeHawke Avatar asked Apr 05 '13 20:04

StormeHawke


1 Answers

This answer mentions:

jsch.setKnownHosts("C:\\Users\\aUsername\\known_hosts");

But you are using jgit, and not jsch (the Java secure shell) directly, so let's see:

C:\Users\VonC\prog\git>git clone https://github.com/eclipse/jgit
Cloning into 'jgit'...
remote: Counting objects: 37854, done.
remote: Compressing objects: 100% (7743/7743), done.
remote: Total 37854 (delta 22009), reused 34367 (delta 18831)
Receiving objects: 100% (37854/37854), 6.73 MiB | 1.37 MiB/s, done.
Resolving deltas: 100% (22009/22009), done.

C:\Users\VonC\prog\git>cd jgit

C:\Users\VonC\prog\git\jgit>grep -nrHI "setKnownHosts" *
org.eclipse.jgit/src/org/eclipse/jgit/transport/JschConfigSessionFactory.java:262:                              sch.setKnownHosts(in);

Found it!

This comes from JschConfigSessionFactory.java#knownHosts(), and looks like:

new File(new File(home, ".ssh"), "known_hosts");
# with:
home = fs.userHome();

userHome is based on System.getProperty("user.home").

So make sure your java session has a user.home defined, and that you have a %USERPROFILE%/.ssh/known_hosts file in there.

(user.home should be set by java to %USERPROFILE% for Windows, that is, if you are on Windows: in some case, this won't always work).


Now if you do have a %USERPROFILE%/.ssh/known_hosts, then, as mentioned here

Just SSH to the client (using command-line ssh tool), this will add entry to your ~/.ssh/known_hosts file.


In this case, the StormeHawke mentions in the comments:

since I'm running this in Tomcat as a windows service, Jsch (and by extension JGit) was looking not in my user folder but in the SYSTEM account's home folder for the .ssh folder.
In this case I went ahead and just copied the .ssh folder into the SYSTEM home folder since Tomcat only runs on my machine for development and testing purposes (Probably not the best security policy but the risk is minimal in this case).

From this question, this one, that directory for the LocalSystem Account should be:

C:\Documents and Settings\Default User
# or Wind7 / 2008
C:\Windows\System32\Config\systemprofile

The OP mentions:

According to this call:

 System.out.println(System.getProperty("user.home")); 

the default SYSTEM home directory for Windows7 (and presumably any other NT-based Windows system) is simply C:\.
(so not ideal, but for a quick fix, it works).

like image 119
VonC Avatar answered Sep 30 '22 09:09

VonC