The SFTP agent uses a file with known host keys to validate the server identity during connection setup. The location and naming of this file is managed through the Execution Context property:
|
It is set in the <pico name>.xml
file of the relevant EC to manage where the file is saved. The default value is ${mz.home}/etc/ssh/known_hosts
.
The SSH implementation uses JCE (Java Cryptography Extension), which means that there may be limitations on key sizes for your Java distribution. This is usually not a problem. However, there may be some cases where the unlimited strength cryptography policy is needed. For instance, if the host RSA keys are larger than 2048 bits (depending on the SSH server configuration). This may require that you update the Java Platform that runs the EC.
For unlimited strength cryptography on the Oracle JRE, download the JCE Unlimited Strength Jurisdiction Policy Files from http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html. Replace the jar files in $JAVA_HOME/jre/lib/security with the files in this package.
The OpenJDK JRE does not require special handling of the JCE policy files for unlimited strength cryptography.
Add Comment