[
https://issues.apache.org/activemq/browse/CAMEL-2308?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=56622#action_56622
]
Edson Cimionatto commented on CAMEL-2308:
-----------------------------------------
Claus,
JSch does not validate the known_hosts if StrictHostKeyChecking is no.
I prepared a integration test case...
import java.util.Properties;
import org.junit.Test;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
public class JSchTest {
private void createConnectionAndCheckHostKey(String
strictHostKeyChecking)
throws JSchException {
Session session;
JSch jsch = new JSch();
jsch.setKnownHosts("c:\\known_hosts");
session = jsch.getSession("user", "hostname", 223);
session.setPassword("password");
Properties config = new Properties();
config.setProperty("StrictHostKeyChecking",
strictHostKeyChecking);
session.setConfig(config);
session.connect();
}
@Test
public void testJSchTestStrictKeyCheckingNo() throws JSchException {
createConnectionAndCheckHostKey("no");
}
@Test(expected = JSchException.class)
public void testJSchTestStrictKeyCheckingYes() throws JSchException {
createConnectionAndCheckHostKey("yes");
}
}
I hope I helped!
--
Edson Cimionatto
> StrictHostKeyChecking Url Option
> --------------------------------
>
> Key: CAMEL-2308
> URL: https://issues.apache.org/activemq/browse/CAMEL-2308
> Project: Apache Camel
> Issue Type: Improvement
> Components: camel-ftp
> Affects Versions: 2.0.0, 2.1.0
> Reporter: Edson Cimionatto
> Assignee: Claus Ibsen
> Fix For: 2.2.0
>
>
> Camel users will appreciate a new url option that sets JSch Session
> StrictHostKeyChecking to "no" . Preferably, this new option will work just
> like URI Options knownHosts. This improvement will facilitate bypass sftp/ssh
> key authentication.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
