I have a strange problem with sshj (I am using sshj v0.6.0), for which I need some help from someone. Public key authentication works fine on some machines, but doesn't work fine on other machines, and I see an error below.
The only difference I could make out was that the UNIX identifier in question, because of coonradt, seems to have the following configuration configuration in ~ / .ssh / config only in the field where the following errors are triggered.
Host * Protocol 1,2 FallBackToRsh no ForwardAgent yes ForwardX11 yes PasswordAuthentication yes RhostsAuthentication no RhostsRSAAuthentication no RSAAuthentication yes NoHostAuthenticationForLocalhost yes StrictHostKeyChecking no KeepAlive yes
From the above configuration file, I found out that the intended ID should use protocol 1.2, and I suspect this may have something to do with my errors (I'm not very sure about this, but this is just a hunch)
For all other UNIX identifiers for which this works fine, I do not have such a configuration file.
PS: I cannot change the configuration of the UNIX identifier "coonradt" because this identifier is used by the hudson central servers.
I am amazed if someone can help me advise what might be wrong here.
The following is the error that I see:
Oct 24, 2011 2:30:37 AM net.schmizz.sshj.DefaultConfig initCipherFactories WARNING: Disabling high-strength ciphers: cipher strengths apparently limited by JCE policy Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl init INFO: Client identity string: SSH-2.0-SSHJ_0_6_0 Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl init INFO: Server identity string: SSH-1.99-OpenSSH_4.3 Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger sendKexInit INFO: Sending SSH_MSG_KEXINIT Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger handle INFO: Received SSH_MSG_KEXINIT Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.kex.AbstractDHG init INFO: Sending SSH_MSG_KEXDH_INIT Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.KeyExchanger handle INFO: Received kex followup data Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.kex.AbstractDHG next INFO: Received SSH_MSG_KEXDH_REPLY Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl die SEVERE: Dying because - net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22 Oct 24, 2011 2:30:38 AM net.schmizz.concurrent.Promise tryRetrieve SEVERE: <<kex done>> woke to: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22 Oct 24, 2011 2:30:38 AM net.schmizz.sshj.transport.TransportImpl setService INFO: Setting active service to null-service Oct 24, 2011 2:30:38 AM com.test.jaws.execution.ssh.impl.SSHJClientImpl$ExceptionHandler handleSevereCondition SEVERE: mymachine.domain.com is not added to your /x/home/coonradt/.ssh/known_hosts file. Throwable occurred: net.schmizz.sshj.transport.TransportException: [HOST_KEY_NOT_VERIFIABLE] Could not verify `ssh-rsa` host key with fingerprint `ca:0b:b3:7f:53:5a:e3:bc:bf:44:63:d8:2d:26:c0:41` for `mymachine.domain.com` on port 22 at net.schmizz.sshj.transport.KeyExchanger.verifyHost(KeyExchanger.java:222) at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:373) at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:477) at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:127) at net.schmizz.sshj.transport.Decoder.received(Decoder.java:195) at net.schmizz.sshj.transport.Reader.run(Reader.java:72)