java ssh apache-sshd known-hosts

How to create an instance of KnownHostsServerKeyVerifier for host key verification in the SSHClient of Apache Mina SSHD java library


I am trying to connect to a remote server using the SshClient of java library Apache MINA SSHD.

I want to pass my known_hosts file also to the SshClient so that the hosts are also verified before connecting to the server. I need to use the class KnownHostsServerKeyVerifier to pass the known hosts to the client like below:

ServerKeyVerifier hostsServerKeyVerifier = new KnownHostsServerKeyVerifier(null, Paths.get("<path_to_known_hosts>/known_hosts"));
client.setServerKeyVerifier(hostsServerKeyVerifier);

The constructor of KnownHostsServerKeyVerifier needs the below arguments:

public KnownHostsServerKeyVerifier(ServerKeyVerifier delegate, Path file)

But I don't understand what and how to pass for the argument ServerKeyVerifier.

Can someone explain to me how to make this work, or is there some other approach to pass the known_hosts file to the SshClient?


Solution

  • The delegate in the constructor of KnownHostsServerKeyVerifier is used for signature checks of previously unknown hosts. See the Apache mina-sshd GitHub:

    Invoked if none of the known hosts matches the current one - by default invokes the delegate. If the delegate accepts the key, then it is appended to the currently monitored entries and the file is updated.

    So the suggestion is to use either:

    org.apache.sshd.client.keyverifier.RejectAllServerKeyVerifier.INSTANCE
    org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier.INSTANCE
    

    depending on how you would like to handle unknown host signatures that are not provided in your known-hosts file.
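
An added example, not part of the original answer or of the Apache MINA SSHD project's own code: a delegate that sits between the two INSTANCE options above, accepting a host that is missing from known_hosts only when its key fingerprint matches a value obtained out of band. The class name, host, user, the SSH_PASSWORD environment variable and the fingerprint placeholder are assumptions.

```java
import java.net.SocketAddress;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PublicKey;

import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.keyverifier.KnownHostsServerKeyVerifier;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.config.keys.KeyUtils;

public class KnownHostsClientExample { // hypothetical class name

    // Placeholder: the server's host key fingerprint, obtained out of band.
    static final String PINNED_FINGERPRINT = "SHA256:<expected-host-key-fingerprint>";

    // Delegate: consulted only when no known_hosts entry matches the host.
    // Returning true causes the key to be appended to the known_hosts file.
    static boolean verifyUnknownHost(ClientSession session, SocketAddress remote, PublicKey key) {
        String fingerprint = KeyUtils.getFingerPrint(key);
        boolean trusted = PINNED_FINGERPRINT.equals(fingerprint);
        System.err.printf("Host %s not in known_hosts, key %s: %s%n",
                remote, fingerprint, trusted ? "accepted (pinned)" : "rejected");
        return trusted;
    }

    public static void main(String[] args) throws Exception {
        Path knownHosts = Paths.get(System.getProperty("user.home"), ".ssh", "known_hosts");
        ServerKeyVerifier verifier =
                new KnownHostsServerKeyVerifier(KnownHostsClientExample::verifyUnknownHost, knownHosts);

        try (SshClient client = SshClient.setUpDefaultClient()) {
            client.setServerKeyVerifier(verifier);
            client.start();
            // User, host and port are assumptions for this example.
            try (ClientSession session =
                    client.connect("user", "ssh.example.com", 22).verify(10_000L).getSession()) {
                // A rejected host key aborts the key exchange, so the session
                // never reaches a successfully authenticated state.
                session.addPasswordIdentity(System.getenv("SSH_PASSWORD"));
                session.auth().verify(10_000L);
                System.out.println("Authenticated against a verified host key");
            }
        }
    }
}
```

With RejectAllServerKeyVerifier.INSTANCE as the delegate, only hosts already listed in known_hosts can be reached; with AcceptAllServerKeyVerifier.INSTANCE, any key presented by an unlisted host is trusted and written to the file on first contact.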