SSH connection using JAVA using ch.ethz.ssh2.Connection

Question

I'am trying to connect to a remote server over ssh2 using the lib ch.ethz.ssh2.Connection

connexion = new Connection(host);
connexion.connect();
boolean isOK = connexion.authenticateWithPassword(login, pass);

But I get an IOException in connexion.connect(); with this error message:

Connection closed (Signature sent by remote is wrong!)

I tried to connect to the same server using Putty, I get a message that tells me that the fingerprint is not what it expected, but if I click yes to confirm I can connect.

I read in Java Doc that I can ignore the verification of the key, but it's not recomended (http://www.ganymed.ethz.ch/ssh2/javadoc/ch/ethz/ssh2/Connection.html#connect%28ch.ethz.ssh2.ServerHostKeyVerifier,%20int,%20int%29).

What I'am looking for, is a way to change something in the server so I can connect correctely. I don't want to change the Java code.

Thanks,

Otmane MALIH

Answer 1

Well it turns out that it's due to bug in the version of ganymed I used.

I changed it from 001 to 209 and now everything works fine.

Thank you Aaron Digulla for your answers.

Answer 2

The remote fingerprint is cached somewhere on your computer. You need to do two things:

1. Find out why the remote fingerprint has changed. It's unlikely but possible that someone did tamper with your connection or the remote server.

2. Flush the cache. Check the documentation of your SSH framework how to do that. Next time you connect, the remote fingerprint will be cached anew.