Skip to content

Use public key fingerprint in Java Spring Boot application to solve “The authenticity of host ‘xxxx’ can’t be established”

I have a Java Spring Boot application which is using the spring-integration-sftp dependency to connect to an SFTP server. I get an error

The authenticity of host ‘xxxx’ can’t be established

and I know this can easily be rid of by setting the sftpSessionFactory.setAllowUnknownKeys(true), but that is not a good practice and I would rather not do that.

I have the below SFTP server’s public key fingerprint. How can I use that to safely connect to my SFTP server so that my host is known? What should I additionally set in the sftpSessionFactory?

SHA256: uqe0Rt6BqvK65bFnihm1SyG9mlw8ZOsvyI+LxzLqiso  &
MD5:   40:cc:1f:9f:91:e9:47:a3:d8:fc:0b:72:a4:3d:55:78

Answer

Use DefaultSftpSessionFactory.setKnownHosts to provide a path to known_hosts-like file with the host key of the server.


The spring-integration-sftp uses JSch under the hood, so for more details, see:
How to resolve Java UnknownHostKey, while using JSch SFTP library?