SSH: Server's host key has been rejected by user.

When attempting to connect, I get the error "Server's host key has been rejected by user".

Date Entered: 06/05/2008    Last Updated: 03/22/2012

When establishing an SSH connection, the server always presents a key to the connecting client. If the key is not already trusted you will see the error "Server's host key has been rejected by user".

In order to resolve this problem, you can:

  1. Set the SSHAcceptServerHostKey property to public key.
  2. Accept the key via the SSHServerAuthentication event.
  3. Set the SSHAcceptServerHostKeyFingerPrint configuration setting. Note: In earlier versions of the toolkit and in the BizTalk adapter and SSIS tasks the SSHAcceptServerHostKey property is a string type and accepts fingerprint values.
  4. Set the SSHAcceptAnyServerHostKey configuration setting.

The SSHAcceptServerHostKey property is a Certificate type and can be set to the e.HostKey value obtained from within the SSHServerAuthentication event.

If you are using the BizTalk adapter, you may set the SSH Accept Server Host Key property to the public key file. To accept any host key, expand the SSH Accept Server Host Key property and set the Accept Any field to Yes. To accept the key based on the fingerprint set the Other property to "SSHAcceptServerHostKeyFingerPrint=a1:2b:3c...".

If you are using the SSIS task, you may set the SSHAcceptServerHostKey property to the public key file. To accept any host key, set the SSHAcceptServerHostKeyAcceptAny property to True. To accept the key based on the fingerprint set the Other property to "SSHAcceptServerHostKeyFingerPrint=a1:2b:3c...".

In order to accept the key programmatically with the component you may follow this example:

C# 
sftp.SSHAcceptServerHostKey = 
    new Certificate(CertStoreTypes.cstSSHPublicKey, myHostKeyB, "", "");
//Where myHostKyeB is a byte array containing the host key
//obtained from SSHServerAuthentication event.

//Or
sftp.Config("SSHAcceptServerHostKeyFingerPrint=59:52:c8:db:...";
//The fingerprint may be obtained from the SSHServerAuthentication event.

//Or
sftp.Config("SSHAcceptAnyServerHostKey=true");

Or in the SSHServerAuthentication event:

 e.Accept = true 

We appreciate your feedback.  If you have any questions, comments, or suggestions about this entry please contact our support team at kb@nsoftware.com.