Altova FlowForce Server 2024 Advanced Edition

Connects to an SSH server with SFTP support. You can use the SFTP connection object for other SFTP functions in subsequent steps. See also /system/sftp.

 

The /system/sftp/connect function might return an unconnected SFTP connection if the Abort on error parameter is set to false. The SFTP connection might also be lost during the execution of a job. In both cases, all subsequent steps with this connection will not succeed.

 

Parameters

Name

Type

Description

Host

string

Mandatory parameter. Address of the remote SFTP server, as a URL or IP address.

Port

number

Optional parameter. The port number used to connect to the SFTP server. The default value is 22.

Login credentials

credential

Optional parameter. Use the username and password of the SFTP account or select a FlowForce credential record with the username and password or with the username and SSH key. For more information, see Credentials.

 

Skip this parameter if the SFTP server does not require credentials.

Abort on error

boolean

Optional parameter. This parameter determines the outcome of a job in which an error has occurred. If the Abort on error parameter is true, job execution will be terminated. If the Abort on error parameter is false, FlowForce Server will ignore errors and continue job execution. The default value is true.

Logging

string

Optional parameter. Allows diagnosing SSH issues. You can set the log level to default (general information), verbose, or debug. You can leave the parameter empty, in which case no logging will happen. For more information, see the subsection below.

 

Key-exchange methods and host-key algorithms

Key-exchange methods are used to securely exchange cryptographic keys between parties over a communication channel. Key exchange methods ensure that in case of a breach in the communication channel the exchanged keys cannot be deciphered. The SFTP connect function supports the following key-exchange methods:

 

ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1, diffie-hellman-group1-sha1, diffie-hellman-group-exchange-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521

 

Host key algorithms are used to establish the authenticity and integrity of host keys in secure communication protocols (such as SSH and TLS). The following host-key algorithms are supported:

 

ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519, ssh-rsa,ssh-dss, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519

 

SFTP logging

The Logging parameter helps diagnose SSH issues. The log levels can be default (general information), verbose, and debug. The parameter syntax is as follows:

 

( settings “;” )? filename

 

The file must be creatable for writing by the job user account. The file will be overwritten if it exists. You can use, for example, {instance-id()} inside the filename to make it unique. If the file cannot be created, the connection step will fail.

 

Log level configuration

The logging options are listed below:

 

No logging: If the Logging parameter is set to an empty string (empty text field), no logging happens.

Default-level log: If the parameter is a file name, the default-level log will be written to that file. The file name must be an absolute path (e.g., C:\temp\logfile.txt).

Verbose- or debug-level log: Only if special (more verbose) settings are desired is the extended syntax with a semicolon needed. For example, to get a debug-level log, write the following parameter value in the Logging text field:

 

debug;c:\temp\mylogfile.txt

 

Global and individual configuration

Log levels can be configured globally for both SFTP and SSH or individually for each. To configure SSH and SFTP separately, the log level must be prefixed with ssh= or sftp= depending on your needs. Multiple settings are separated by commas. The sample parameter value below shows how to set a debug-level log for SSH and a default-level log for SFTP:

 

ssh=debug,sftp=default;c:\temp\mylogfile.txt

 

Default-level log

The default-level log of a connection attempt may look as follows:

 

[SSH:info   ] SSH Line 2.0 OpenSSH_7.9p1 Debian-10+deb10u2

[SFTP:info   ] Connection established

[SFTP:info   ] Closing SFTP connection

[SFTP:info   ] SFTP read operation failed, status=broken pipe detail=0

 

Verbose-level log

To set the parameter to a verbose-level log, write the relevant parameter value in the Logging text field. An example of a verbose-level log is shown below:

 

[SSH:verbose] sending data

[SSH:verbose] Data received 112

[SSH:verbose] Received request result for channel 0

[SFTP:verbose] SFTP connection established

[SSH:verbose] sending data

[SSH:verbose] Data received 208

[SFTP:verbose] Received SFTP version 3 response

[SFTP:info   ] Connection established

[SSH:verbose] sending data

[SFTP:info   ] Closing SFTP connection

[SFTP:verbose] Closing SFTP channel

[SSH:verbose] sending data

[SSH:verbose] sending data

[SFTP:info   ] SFTP read operation failed, status=broken pipe detail=0

[SSH:verbose] Connected closed

[SSH:verbose] Data received 0

 

The debug-level log will show more detailed information about all operations.

 

© 2017-2023 Altova GmbH