is it safe to disable check for known_hosts when trying to connect to sftp server with JSch java
Question
i try to connect to sftp server in my local machine i generate the knownHosts file with the command ssh and i use it like jsch.setKnownHosts(knownHosts); but i would to run my job in other machine wish i didn't have access to his knownHosts file
so i decided to disable the check of this rsa key and i wont to know if the action is safe i will use this line to disable it
session.setConfig("StrictHostKeyChecking", "no");
1 answers
solution1
0 2020-03-04 01:11:21
The question itself has a comment about its safety, but I would like to add that if you don't want to have the StrictHostKeyChecking set as "no", and do not want to rely on a knownHosts file, I would recommend you to:
1) Generate the host fingerprint in a way that's compatible with Jsch, please refer to this question . You can output the generated fingerprint to another file or elsewhere as needed.
2) You can then get the generated value and store it as a variable (environment variable, config file, property, etc.) so that your application can use it. You can pass this fingerprint (not filepath) to Jsch with the setKnownHosts method.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.