views:

192

answers:

1

Under my project, I have a Java class file, inside of which I have a routine which executes the following external SFTP script file:

#!/bin/sh
echo "cd AV/OASIS" >> sftp
echo "put $1 $2" >> sftp
echo "get AV/OASIS/$2 $3$2" >> sftp
echo "bye" >> sftp
/usr/local/bin/sftp -b sftp id@domain
cat /dev/null > sftp
exit 0

The Java code which executes the script file is as below:

String script = "full path of script";
Process p = Runtime.getRuntime().exec(script + " " + param1 + " " + param2 + " " + param3);

However, I'm not sure why, but the log generated by the class file always shows the error "Host key verification failed. Connection closed."

I'd isolated that line in the script which connected to the remote machine, and ran it on the local machine (where this class file and script file are stored), and the command executed successfully

I'd manually run the command which the Java class file will execute and it also tested okay:

$ script.sh param1 param2 param3

I'd tried to look up the error message on the Internet, and apparently it seems to have something to do with known_hosts. Could this be the reason, or is there something else I'm missing?

Thanks so much!

+2  A: 

The reason the host key would fail to verify on one machine and not on another is because one machine will have connected before and another not. If the machine hasn't connected to the host before, it won't have the host key to verify against. The host key can fail to verify for a number of reasons - for malicious reasons, like someone is engaging in a man-in-the-middle attack, and for non-malicious reasons like the hostname of the remote machine has changed.

The way to fix it is to remove the line from your known_hosts file in ~/.ssh

On a side note, you do know that you don't have to shell out for SFTP/SCP? JSch exists and will let you use SFTP/SCP in Java. You should probably do this because it'll work on non-Unix platforms like Windows and you have a bit more control over things like known_hosts. It's pretty easy to use.

Tom Morris
Hi Tom, thanks for your reply."The reason the host key would fail to verify on one machine and not on another is because one machine will have connected before and another not."Not sure if I understood right, but I ran the command on the machine where the Java class is stored, and the script could execute. Since the Java class is running exactly the same command on the same machine, shouldn't it also have the same privileges?Regarding your side note, I really wish I could use it, but my hands are tied with regards to code changes so I'm trying to make do with the existing.
ohseekay