3

I am trying to use Firebase Cloud Functions to send a file to webtrends ftp server, but I have encountered a problem I can not get past. Since I use Firebase Cloud Functions my function is running from a nodejs server. I am using this npm package: https://www.npmjs.com/package/ssh2-sftp-client.

After reading online and interpreting the debug log I understand the problem to be that the server uses a deprecated cryptation algorithm (ssh-dss). I read here https://www.openssh.com/legacy.html that ssh-dss is legacy and therefore not supported by ssh2.

Most of the other solutions I have found tell me to configure the ssh config, but I do not have access to the remote in this case and can not configure it.

Here is the code I am using to connect: 

const Client = require('ssh2-sftp-client');
const sftp = new Client();
sftp.connect({
  host: 'sftp.webtrends.com',
  port: '****', // omitted
  username: '****', // omitted
  password: '****', // omitted
  algorithms: {
    serverHostKeys: ['ssh-dss'],
  },
});

And here is the debug log: 

DEBUG: Local ident: 'SSH-2.0-ssh2js0.1.20'
DEBUG: Client: Trying sftp.webtrends.com on port **** ...
DEBUG: Client: Connected
DEBUG: Parser: IN_INIT
DEBUG: Parser: IN_GREETING
DEBUG: Parser: IN_HEADER
DEBUG: Remote ident: 'SSH-2.0-1.82_sshlib GlobalSCAPE'
DEBUG: Parser: IN_PACKET
DEBUG: Parser: IN_PACKETBEFORE (expecting 8)
DEBUG: Parser: IN_PACKETDATA
DEBUG: Parser: IN_PACKETDATAAFTER, packet: KEXINIT
DEBUG: Comparing KEXINITs ...
DEBUG: (remote) KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-
group-exchange-sha1,diffie-hellman-group1-sha1
DEBUG: (local) KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-
sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
DEBUG: (local) Host key formats: ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
DEBUG: Outgoing: Writing KEXINIT
DEBUG: Parser: pktLen:484,padLen:11,remainLen:480
DEBUG: Outgoing: Writing DISCONNECT (KEY_EXCHANGE_FAILED)
DEBUG: KEX algorithm: diffie-hellman-group14-sha1
DEBUG: (remote) Host key formats: ssh-dss
DEBUG: No matching host key format
Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441
eanilsen
  • 53
  • 1
  • 8

2 Answers2

5

There is a typo in your config options. Use these settings as described in the docs and it might work:

algorithms: {
  serverHostKey: ['ssh-dss'], // serverHostKey, without the 's'
},
Rob
  • 411
  • 3
  • 10
  • 1
    Thank you very much! I actually never found that and solved it by scrapping the file and writing a new one. Must have corrected the typo without knowing. – eanilsen Oct 16 '18 at 13:24
0

So, if you cannot configure the server, and ssh2-sftp-client says they don't support ssh-dss, your only option is to not use ssh2-sftp-client but another package that supports ssh-dss.

Doing a quick Google search for nodejs ftp client "ssh-dss", it should not be that difficult to find one that supports ssh-dss, for example yocto-sftp

Edo Akse
  • 4,051
  • 2
  • 10
  • 21