We solved this problem. 1) Jsch uses the location $HOME/.ssh for the known_hosts file by default. - this location is $HOMEPATH/.ssh in Windows.
2) Open ssh uses this location too by default. 3) If you open an ssh session on the target host it will ask to add the credentials to this file. - however the session will fail as you should not have permission on an SFTP server to do this; but thats OK. 4) As Now you have the updated known_hosts file VFS:SFTP will now work with this host. Kim -----Original Message----- From: Asankha Perera [mailto:[email protected]] On Behalf Of Asankha C. Perera Sent: Monday, 6 April 2009 3:34 PM To: [email protected] Subject: Re: VFS Known Hosts Exception SFTP unusable Hi Kim > I am getting a known hosts exception when using SFTP with VFS. This is > obvious error, as Synapse has no idea of the SFTP hosts it can trust. So > jsch library can't find the known_hosts file as Synapse has not told it > where it is. Spent a few hours looking for somewhere to set this but can't > find it. > > Open SSH stores these in a know location, but Synapse-VFS doesn't know this; > as its not configured ? > Other applicatons that use Jsch library have a documented setting for this. > For Jsch this file could be anywhere as it is up to calling application to > configure it, with a call to setKnownHosts. > > Does Synapse VFS Mediator use a known location for "known_hosts" file ? > - where do I put the Key ? > - is there a setting for this in a config file ? > - is this documented ? > > If above is not implemented then can I tell VFS to just trust this host; is > this an VFS option in Synapse Mediator ? > - if Yes what is the syntax and should it be documented ? > - if not why is this not an option ? > > > Exception info ( note, I put in the XXX and LOCATION for security): > > FTP server at "sftp://XXX:[email protected]/";. > org.apache.commons.vfs.FileSystemException: Could not connect to SFTP server > at "sftp://XXX:[email protected]/";. > This seems like an obvious enhancement required. Can you open a JIRA with this information? BTW, I believe your server is using a certificate issued from a private certification authority?.. did you try importing its CA cert as a trusted into the JDK's trust store cacerts? cheers asankha -- Asankha C. Perera AdroitLogic, http://adroitlogic.org http://esbmagic.blogspot.com --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
