On Mon, Jun 18, 2012 at 2:19 PM, Siano, Stephan <[email protected]>wrote:
> Just some additional information: > I checked the jsch-users mailing list and found the following: > http://sourceforge.net/mailarchive/message.php?msg_id=28163308 > > So it looks that the behavior is not a bug but intended by the jsch > developers (strictHostKeyChecking actually means no host key checking at > all). I think that should definitely be mentioned in the documentation. > > Thanks for spotting. If you consider helping out with the docs, then read a bit here http://camel.apache.org/contributing.html To actually edit the docs yourself an ICLA need to be signed with Apache, as saying here http://camel.apache.org/how-do-i-edit-the-website.html An alternative is to open a JIRA ticket and attach a .txt file or patch etc. with [x] in grant license to ASF. Then we can take that and fold it into the docs. As we love contributions its great when the community can help maintain the docs directly. > Stephan > > > -----Original Message----- > From: Siano, Stephan [mailto:[email protected]] > Sent: Montag, 18. Juni 2012 13:54 > To: [email protected] > Subject: Documentation for sftp incorrect or misleading? > > I am doing some experiments with the sftp connection of the camel ftp > component (in Camel 2.9.2). I have found some unexpected behavior during > these tests: > > If the strictHostKeyChecking parameter is set to "no" (default) and the > file exists and does not contain a host key for the host that is connected, > a warning is logged and the key is written into the known hosts file (as > defined in the knownHostsFile parameter). This is to be expected, however > if there is already a key in the file (or the file exists) there is NO > error or warning and the connection is successful, which is definitely not > what I would expect. > > If strictHostKeyChecking is set to "yes" or "ask" the connection fails, if > the key is wrong was well as if the key is not in the file. (I haven't > tried this with a non-existing file). I think the error is somewhere in the > jsch coding (that does host checking at all only if the strictHostChecking > parameter is set to "yes" or "ask"), however I think that at least > something about this should be mentioned in the ftp component documentation. > > Stephan > -- Claus Ibsen ----------------- FuseSource Email: [email protected] Web: http://fusesource.com Twitter: davsclaus, fusenews Blog: http://davsclaus.com Author of Camel in Action: http://www.manning.com/ibsen
