The host key is invalid or was not accepted

Question

I'm trying to work with my engineer to set up an sftp server and connect to it using SSHFTPClient and not getting very far. We are getting a KeyExchangeException that reads as per the subject of this thread. So we are please that at least the machines are saying 'hiya'.

We have generated an openssh client key and using this to authenticate with host (IP), username and password.

We are in painful trial and error mode to work through this so I'm posting this in the hope that someone may respond to point out how stupid we are.

The price for the privilage of being rude about us is to simultaneously deliver some positive (and relevant) guidance.

Come on now.. who's going to pass up an opportunity to be rude to a couple of guys who fell at the first fence?

Answer 1

You need to decide what authentication method you wish to use - password or public key (KBI in next release, very soon).

It sounds like you want password auth to start with - so you don't need a client key - just a user account on the SSH server. Make sure password auth is enabled BTW.

Next, make sure you can log in with FileZilla or a commandline ssh client. Forget about SSHFTPClient until you can log in this way - it will save you quite a bit of grief.

Once this works, SSHFTPClient should work quite easily. There's some useful demo code and info in the SFTP example 6 as well as in the Developer's Guide.

I'm trying to work with my engineer to set up an sftp server and connect to it using SSHFTPClient and not getting very far. We are getting a KeyExchangeException that reads as per the subject of this thread. So we are please that at least the machines are saying 'hiya'.

We have generated an openssh client key and using this to authenticate with host (IP), username and password.

We are in painful trial and error mode to work through this so I'm posting this in the hope that someone may respond to point out how stupid we are.

The price for the privilage of being rude about us is to simultaneously deliver some positive (and relevant) guidance.

Come on now.. who's going to pass up an opportunity to be rude to a couple of guys who fell at the first fence?

Answer 2

Thanks.

I can connect with FileZilla and WinSCP but they both ask me if I want to store the Key in the cache.

I have used example 6 and running the following in a bean method from jsp...

ftp.setType(FTPTransferType.ASCII);
ftp.setRemoteHost(args[0]);

ftp.getValidator().loadKnownHosts("known_hosts.txt");
ftp.setAuthentication(args[3], args[1], args[2]);

ftp.connect();

... where args[0] = host(IP), args[1] = username, args[2] = password = passphrase, args[3] = client key file

running this gives me...
SSHFTPException: Could not authenticate SSH client: FAILED

which is liste in the FAQ so we verified that the ssh_config is set ok.

Still no joy.

Does any of this help to clarify my situation for you?

Answer 3

Ah, this is the server's public key, which you can later use for server authentication (add to known_hosts file, or let ssh commandline client do it for you).

For password auth just use setAuthentication(username,password)

Thanks.

I can connect with FileZilla and WinSCP but they both ask me if I want to store the Key in the cache.

I have used example 6 and running the following in a bean method from jsp...

ftp.setType(FTPTransferType.ASCII);
ftp.setRemoteHost(args[0]);

ftp.getValidator().loadKnownHosts("known_hosts.txt");
ftp.setAuthentication(args[3], args[1], args[2]);

ftp.connect();

... where args[0] = host(IP), args[1] = username, args[2] = password = passphrase, args[3] = client key file

running this gives me...
SSHFTPException: Could not authenticate SSH client: FAILED

which is liste in the FAQ so we verified that the ssh_config is set ok.

Still no joy.

Does any of this help to clarify my situation for you?

Answer 4

Thanks for the help - its working now just using username and password with the knownhosts file passed to the validator.