Where is known_hosts?

Dec 1, 2008 at 10:40 AM
We have a clustered SFTP server and have a problem with host keys. 

Type: System.Exception
Target: Void CheckHostKey()
Message: HostKey does not match previously retrieved HostKey.
Stacktrace:
   at Blogical.Shared.Adapters.Sftp.SharpSsh.Sftp.CheckHostKey()
   at Blogical.Shared.Adapters.Sftp.SharpSsh.Sftp.connect(Boolean force)

This is probably caused by a failover in the cluster. We are looking at how to fix this issue on the server, but how can we reset the client to trust the server?

Regards,

Antti
Dec 1, 2008 at 11:08 AM
I was able to locate the file in the Isolated Storage of BizTalk host service account. The name of the file is SftpHostFiles.config.
Dec 1, 2008 at 12:25 PM
Now the only problem is that every time there is a failover in the cluster where the SFTP service resides, the adapter fails because it cannot handle a different hostkey. Any workarounds or suggestions?

Regards,

Antti
Coordinator
Dec 1, 2008 at 3:52 PM
Hi Antti,
There are no "workarounds" to this problem other than to change the code. However that is a pretty small thing to do. After you downloaded the source code, open the \SharpSsh\Sftp.cs file in the Blogical.Shared.Adapters.Sftp project. Find the CheckHostKey() method and comment out the code in this method.

        void CheckHostKey()
        {
            /* Don't check for HostKey
            object hostKey = ApplicationStorageHelper.GetHostKey(this._applicationStorage, this._host);

            if (hostKey == null)
            {
                this._applicationStorage.Add(new ApplicationStorage(this._host, this._sftp.HostKey.getKey()));
                ApplicationStorageHelper.Save(this._applicationStorage);
            }
            else if (hostKey.ToString() != this._sftp.HostKey.getKey())
                throw ExceptionHandling.HandleComponentException(System.Reflection.MethodBase.GetCurrentMethod(),
                       new Exception("HostKey does not match previously retrieved HostKey."));
            */
        }


Let me know if you run into any problems.
HTH
//Mikael
Jul 2, 2009 at 3:03 AM

Mikael,

I had a situation where our client changed sFTP Server and Keys and we ran into this exact error. I changed the code as you suggested and everything now works fine. Except now for some reason every few seconds there is some sort of key handshake happening between the two servers resulting in about 3G of handshake traffic each day. Is this a result of this code change or something else?

Any help would be appreciated.

Jody.

Coordinator
Jul 10, 2009 at 2:45 PM

I'm on vacation at the moment, but plan to work on some updates on the adapter when I get back.

Jul 27, 2009 at 11:19 PM

Thanks for that, but can you offer any explanation as to the behaviour I am experiencing? It is becoming a major issue for my company's implementation at the moment.

Thanks.

jody

Coordinator
Jul 28, 2009 at 9:16 AM
Edited Jul 28, 2009 at 9:17 AM

I'm not sure if it makes any difference removing the code as above. It would have been enough just to remove the hostkey.

From documentation:

a. Managing Host Keys

Every time the adapter connects to a host, it will receive a HostKey from the server. After the HostKey is received it is checked against the key received from prior connections, to ensure the host to be the same. If it’s not the same the connection will fail and an exception will be thrown:

"HostKey does not match previously retrieved HostKey."

When the host is called for the first time, the new HostKey is added automatically.

The HostKey is saved in the SftpHostFiles.config file which can be found at ”\Local Settings\Application Data\IsolatedStorage\” for the user that runs the BizTalk host instance.

In your case, just remove the key in the SftpHostFiles.config from the location above.

HTH

//Mikael
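
For the clustered-server case raised in this thread, the host key check can stay enabled if each host is allowed a set of pinned keys, one per cluster node. The sketch below is an added example, not code from the adapter or from SharpSsh; `HostKeyStore`, `Pin`, `Check`, and the host names and key strings are hypothetical and constructed, and it assumes keys are held in memory and that the operator obtains each node's key out of band.

```csharp
using System;
using System.Collections.Generic;

// Added example: hypothetical names, not part of the adapter or SharpSsh.
public enum HostKeyResult { TrustedOnFirstUse, Match, Mismatch }

public sealed class HostKeyStore
{
    // Host name -> every key an operator has approved for that host.
    private readonly Dictionary<string, HashSet<string>> _keys =
        new Dictionary<string, HashSet<string>>(StringComparer.OrdinalIgnoreCase);

    // Operator action: pin a key confirmed out of band (one call per cluster node).
    public void Pin(string host, string base64Key)
    {
        HashSet<string> set;
        if (!_keys.TryGetValue(host, out set))
        {
            set = new HashSet<string>(StringComparer.Ordinal);
            _keys[host] = set;
        }
        set.Add(base64Key);
    }

    // Called on every connect with the key the server presented.
    public HostKeyResult Check(string host, string presentedKey)
    {
        HashSet<string> set;
        if (!_keys.TryGetValue(host, out set))
        {
            // First contact: store the key, as the adapter's documentation describes.
            Pin(host, presentedKey);
            return HostKeyResult.TrustedOnFirstUse;
        }
        // A key outside the pinned set is rejected; the caller should fail the connection.
        return set.Contains(presentedKey) ? HostKeyResult.Match : HostKeyResult.Mismatch;
    }
}

public static class Demo
{
    public static void Main()
    {
        var store = new HostKeyStore();
        // Constructed sample values, not real host keys.
        store.Pin("sftp.example.test", "AAAA-node1-constructed");
        store.Pin("sftp.example.test", "AAAA-node2-constructed");
        Console.WriteLine(store.Check("sftp.example.test", "AAAA-node2-constructed"));
        Console.WriteLine(store.Check("sftp.example.test", "AAAA-unknown-constructed"));
        Console.WriteLine(store.Check("other.example.test", "AAAA-first-constructed"));
    }
}
```

With both node keys pinned, a failover to the second node still verifies, while a key that was never approved is reported as a mismatch instead of being accepted silently.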