Configuring Host Keys

Lee Painter

Every SSH server requires a set of keys that it uses to identify itself with connecting clients.

If you just want these to be generated automatically for you then you do not need to do anything more when using the SshServer based implementation. The server will generate a key for each type of public key algorithm supported by the API, save the file in the current working directory, which will then be loaded each time the server starts.

If you want more control over the loading of host keys then you should add them to your SshServer before starting it.

SshServer server = new SshServer(2222);

server.addHostKey(SshKeyUtils.getPrivateKey(new File("rsa_hostkey"), null));
server.addHostKey(SshKeyUtils.getPrivateKey(new File("ed25519_hostkey"), null));


If you want to support rsa-sha2-256 and rsa-sha2-512 signing algorithms for RSA keys then you need to reload your RSA keys with the methods on SshKeyUtils that convert a standard ssh-rsa key into these types.

server.addHostKey(SshKeyUtils.getRSAPrivateKeyWithSHA256Signature(new File("rsa_hostkey"), null));
server.addHostKey(SshKeyUtils.getRSAPrivateKeyWithSHA512Signature(new File("rsa_hostkey"), null));