
"reject HostKey" when connecting to remote host through jumphost with JSch

I need to SSH to a destination host through a jump host. I tried the same approach as in the JSch JumpHosts example.

Session[] sessions = new Session[2];
Session session = null;

sessions[0] = session = jsch.getSession(getUserName(), "jumphost1.com", 22);
session.setPassword(getHostPassword());
UserInfo userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
Properties prop = new Properties();
prop.put("StrictHostKeyChecking", "no");
prop.put("PreferredAuthentications", "publickey,keyboard-interactive,password");
session.setConfig(prop);
session.connect();

int i = 1; // index of the second hop; i is not defined in the posted snippet, 1 is assumed
String host = "host1.com";
int assignedPort = session.setPortForwardingL(0, host, 22);
LOGGER.info("Jump host the {} of agent {} and port forwarding {}", i, host, assignedPort);

sessions[i] = session = jsch.getSession(getUserName(), "127.0.0.1", assignedPort);
session.setPassword(getHostPassword());
userInfo = new UserInfo();
userInfo.setPassword(getHostPassword());
session.setUserInfo(userInfo);
session.setHostKeyAlias(host);
session.connect();

I get the exception below when connecting to the destination host:

Caused by: com.jcraft.jsch.JSchException: reject HostKey: 127.0.0.1
    at com.jcraft.jsch.Session.checkHost(Session.java:799)
    at com.jcraft.jsch.Session.connect(Session.java:345)
    at com.jcraft.jsch.Session.connect(Session.java:183)

I am trying to log in to host1.com through jumphost1.com:

  • log in to jumphost1.com
  • then ssh host1.com
  • execute the commands on host1
Rajar R asked Jan 23 '18 13:01




1 Answer

Your code for connecting through jumphost is correct.

The only problem is that your local host key repository contains a different host key for the second host than what you receive from the real (second) host.

You actually do not seem to care about security, as you set StrictHostKeyChecking=no for the jumphost session (which the official example rightly does not do!). But you do not do the same for the second session, hence the error.

See also How to resolve Java UnknownHostKey, while using JSch SFTP library?

Martin Prikryl answered Oct 07 '22 01:10
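
A version of the two-hop connection that keeps host key checking on for both sessions, as an added example (not code from the question, the answer, or the JSch project). It assumes the credentials are in the hypothetical environment variables SSH_USER and SSH_PASSWORD and that ~/.ssh/known_hosts already contains verified keys for jumphost1.com and host1.com.

```java
import com.jcraft.jsch.ChannelExec;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

public class VerifiedJumpHost {
    public static void main(String[] args) throws Exception {
        // Assumed inputs: SSH_USER / SSH_PASSWORD are hypothetical variable names.
        String user = System.getenv("SSH_USER");
        String password = System.getenv("SSH_PASSWORD");
        String target = "host1.com";

        JSch jsch = new JSch();
        // One repository of verified keys serves both sessions.
        jsch.setKnownHosts(System.getProperty("user.home") + "/.ssh/known_hosts");

        Session jump = jsch.getSession(user, "jumphost1.com", 22);
        jump.setPassword(password);
        // "yes": an unknown or changed key aborts the connection, no prompt.
        jump.setConfig("StrictHostKeyChecking", "yes");
        Session hop = null;
        try {
            jump.connect();
            // Port 0 lets JSch pick a free local port for the tunnel.
            int localPort = jump.setPortForwardingL(0, target, 22);

            hop = jsch.getSession(user, "127.0.0.1", localPort);
            hop.setPassword(password);
            hop.setConfig("StrictHostKeyChecking", "yes");
            // Look the key up under the real host name instead of 127.0.0.1,
            // so the known_hosts entry for host1.com is the one compared.
            hop.setHostKeyAlias(target);
            hop.connect();

            ChannelExec exec = (ChannelExec) hop.openChannel("exec");
            exec.setCommand("hostname");
            InputStream out = exec.getInputStream();
            exec.connect();
            System.out.print(new String(out.readAllBytes(), StandardCharsets.UTF_8));
            exec.disconnect();
        } finally {
            // Close the inner session first, then the tunnel that carries it.
            if (hop != null) hop.disconnect();
            jump.disconnect();
        }
    }
}
```

If the second connect() still fails, the known_hosts line stored under host1.com does not match the key the server presents through the tunnel, and that entry should be re-verified out of band rather than checking being switched off.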