I have a Java Spring Boot application which is using the spring-integration-sftp dependency to connect to an SFTP server. I get an error
The authenticity of host ‘xxxx’ can’t be established
and I know this can easily be rid of by setting the sftpSessionFactory.setAllowUnknownKeys(true), but that is not a good practice and I would rather not do that.
I have the below SFTP server’s public key fingerprint. How can I use that to safely connect to my SFTP server so that my host is known? What should I additionally set in the sftpSessionFactory?
SHA256: uqe0Rt6BqvK65bFnihm1SyG9mlw8ZOsvyI+LxzLqiso & MD5: 40:cc:1f:9f:91:e9:47:a3:d8:fc:0b:72:a4:3d:55:78
Advertisement
Answer
Use DefaultSftpSessionFactory.setKnownHosts to provide a path to known_hosts-like file with the host key of the server.
The spring-integration-sftp uses JSch under the hood, so for more details, see:
How to resolve Java UnknownHostKey, while using JSch SFTP library?