Hi,
FYI, you may want to use
Session#setHostKeyAlias(String)
to detect the Man-in-The-Middle attack.
+-From: Andre Charbonneau <[EMAIL PROTECTED]> --
|_Date: Mon, 14 Apr 2008 09:23:08 -0400 _______________________
|
|Supposing we have 3 systems, A, B and C, here is how I do it in my
|application:
| JSch jsch = new JSch();
| session = jsch.getSession(
| "<username on system B>", "<hostname of system B>",
| "<ssh port on system B>");
| UserInfo ui = MyUserInfo();
| session.setUserInfo(ui);
| session.connect();
| int assinged_port = session.setPortForwardingL(
| 0, "<hostname of system C>", "<ssh port on system C>");
| Session session2 = jsch.getSession(
| "<username on system C>", "127.0.0.1", assinged_port);
| session2.setUserInfo(ui);
session2.setHostKeyAlias("<hostname of system C>"); // !!
| session2.connect();
Without using "Session#setHostKeyAlias(String)",
the hostkey of "system C" will be saved into "known_hosts"
as the key for "127.0.0.1:assigned_port"
Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Fax +81-22-224-8773
Skype callto://jcraft/
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
