cswhwang
commented
4 months ago And I enabled config.put("StrictHostKeyChecking", "yes");
This host key I was using equals to the known host key in server side.
Closed cswhwang closed 4 months ago
cswhwang
commented
4 months ago And I enabled config.put("StrictHostKeyChecking", "yes");
This host key I was using equals to the known host key in server side.
cswhwang
commented
4 months ago Update findings:
if (JavaVersion.getVersion() >= 15) {
config.put("keypairgen.eddsa", "com.jcraft.jsch.jce.KeyPairGenEdDSA");
config.put("ssh-ed25519", "com.jcraft.jsch.jce.SignatureEd25519");
config.put("ssh-ed448", "com.jcraft.jsch.jce.SignatureEd448");
} else {
config.put("keypairgen.eddsa", "com.jcraft.jsch.bc.KeyPairGenEdDSA");
config.put("ssh-ed25519", "com.jcraft.jsch.bc.SignatureEd25519");
config.put("ssh-ed448", "com.jcraft.jsch.bc.SignatureEd448");
}May I know why the ed25519 / ed448 were removed which caused the known hosts failure finally if using JDK15+?
norrisjeremy
commented
4 months ago Hi @cswhwang,
EdDSA is only supported natively in Java 15+ (see JEP 339 / JDK-8199231). We attempt to support EdDSA via Bouncy Castle for older Java versions assuming that Bouncy Castle is found in the classpath.
If you are having problems with Java 15+, then you will need to provide us full JSch logs to better assist you.
Thanks, Jeremy
cswhwang
commented
4 months ago Thank you @norrisjeremy. This is very helpful. My issue with JDK17 has been resolved.
Hi,
I was seeing this error "reject HostKey: [localhost]:2022" when upgrading to OPEN JDK17.
But I did not face this issue when using OEPN JDK11.
Nothing changed beside the JDK version.
Could you please kindly give me some clue on this issue?
Thanks