Tags: node.js, aws-lambda, amazon-ecs, serverless, ssh2

The SFTP server connection fails from the Lambda function, while it works without issues from the ECS instance [ssh2-sftp-client]


Node: 16

ssh2-sftp-client: 9

Connecting using username & password.

Sample code:

const Client = require('ssh2-sftp-client');

module.exports = class SFTPClient {
  #sftpClient;

  constructor() {
    this.#sftpClient = new Client();
  }

  // options = { host, port, username, password }
  async connect(options) {
    try {
      // `await` is required here: returning the bare promise would let a
      // rejection escape the try block, so the catch below would never run.
      return await this.#sftpClient.connect(options);
    } catch (err) {
      return null;
    }
  }
}

The connection was initially functioning properly, but it now fails from the Lambda function, while the ECS instances continue to work fine.

Here are the detailed logs from the Lambda:

2024-10-29T21:37:39.289Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  CLIENT[sftp]: ssh2-sftp-client Version: 9.0.4  
{
    "node": "16.20.2",
    "v8": "9.4.146.26-node.26",
    "uv": "1.43.0",
    "zlib": "1.2.11",
    "brotli": "1.0.9",
    "ares": "1.19.1",
    "modules": "93",
    "nghttp2": "1.47.0",
    "napi": "8",
    "llhttp": "6.0.11",
    "openssl": "1.1.1v+quic",
    "cldr": "41.0",
    "icu": "71.1",
    "tz": "2022f",
    "unicode": "14.0",
    "ngtcp2": "0.8.1",
    "nghttp3": "0.7.0"
}

2024-10-29T21:37:39.290Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  CLIENT[sftp]: connect: Connect attempt 1
2024-10-29T21:37:39.293Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Custom crypto binding not available
2024-10-29T21:37:39.771Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Verifying signature ...
2024-10-29T21:37:39.772Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Verified signature
2024-10-29T21:37:39.773Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Handshake completed
2024-10-29T21:37:39.773Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO    #sftpClient event handshake:  
{
    "kex": "ecdh-sha2-nistp256",
    "serverHostKey": "ssh-ed25519",
    "cs": {
        "cipher": "aes128-gcm@openssh.com",
        "mac": "",
        "compress": "none",
        "lang": ""
    },
    "sc": {
        "cipher": "aes128-gcm@openssh.com",
        "mac": "",
        "compress": "none",
        "lang": ""
    }
}

2024-10-29T21:37:39.898Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Outbound: Sending USERAUTH_REQUEST (none)
2024-10-29T21:37:40.086Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO Debug:  Socket error: read ECONNRESET
2024-10-29T21:37:40.087Z    b2a4f522-527d-4bbe-ae4f-116600d2bd76    INFO    #sftpClient event error:  Error: read ECONNRESET
    at TCP.onStreamRead (node:internal/stream_base_commons:217:20) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read',
  level: 'client-socket'
}

We also tried using Node v20 and ssh2 v1.16.0, but it failed as well.


Solution

  • We have explored numerous options to resolve the problem.

    Option - 1: The third party responsible for maintaining the SFTP system was contacted, but they didn't provide much info to fix it. They just sent an attached image. [image: sftp-server-log]

    Option - 2: We initiated an AWS premium support ticket to receive their feedback, but the AWS support system confirmed that everything is okay on their end.

    Option - 3: We started searching on Google and asking AI, and tried different solutions. One of our engineers found a simple solution that works fine. I'm including it here in case anyone else experiences the same problem and needs help.

    Before

    options = {host,port,username,password}; this.#sftpClient.connect(options);
    

    After

    options = {host,port,username,password, algorithms: { cipher: ['aes256-ctr'] }}; this.#sftpClient.connect(options);
    

    So adding `algorithms` as an option in the configuration works for us. You might need a different cipher to achieve your desired result. This `algorithms: { cipher: ['aes256-ctr'] }` works for us.