Contact Us 1-800-596-4880

Upgrade and Migrate SFTP Connector to Version 2.x - Mule 4

Upgrade Anypoint Connector for SFTP (SFTP Connector) to version 2.x.x.

Supported Upgrade Paths

From Version To Version

1.6.0

2.x.x

Changes in This Release

This release contains the following changes:

  • Support for the Preferred Authentication Method KEYBOARD_INTERACTIVE is removed, as it isn’t in use.

  • The system property mule.sftp.useHomeDirectory was removed. SFTP Connector now uses the default home directory.

  • SFTP Connector 2.x.x no longer supports the jcraft library. The connector now uses the apache mina sshd library.

  • The List operation no longer fetches the content of each file. Now, the payload of each list item contains the complete path to the found file or directory.

  • The SFTP Regular Size file attribute is renamed to Regular File because its behavior is not related to size. The file attribute value can be a file (true) or a directory (false).

  • SFTP Connector 2.x.x does not support ciphers 3des-ctr and arcfour. For more information, refer to Supported Ciphers project.

  • The SFTP proxy protocol works only with HTTP and SOCKS5.

  • SFTP Connector no longer uses javax.activation to resolve the media types of the files. The connector now uses Apache Tika, which can result in different media file interpretations.

  • The connector changed the classes to manage the date from LocalDateTime to ZonedDateTime.

  • The deprecated Encoding parameter in the configuration and Write operation is removed. The connector uses the Mule’s default encoding.

Requirements

Ensure that you meet these requirements before you perform the upgrade:

Software Version

Mule

4.3.0 and later

Anypoint Studio

7.5.0 and later

JDK

8

Upgrade Prerequisites

Before you perform the upgrade, you must complete the following:

  • Create a backup of your files, data, and configurations in case you need to restore to them.

Upgrade Steps

Follow these steps to perform the upgrade:

  1. In Anypoint Studio, create a Mule project.

  2. In Mule Palette, click Search in Exchange.

  3. In Add Dependencies to Project, enter SFTP in the search field.

  4. In Available modules, select SFTP Connector and click Add.

  5. Click Finish.

  6. Verify that the SFTP Connector mule-sftp-connector version is 2.x.x in the pom.xml file in the Mule project.

Studio upgrades the connector automatically.

Post Upgrade Steps

After you install the latest version of the connector, follow these steps to complete the upgrade:

Verify the Upgrade

After you install the latest version of the connector, verify the upgrade:

  1. In Studio, verify that there are no errors in the Problems or Console views.

  2. Verify that there are no problems in the project pom.xml file.

  3. Test the connection to verify that the operations work.

Supported Ciphers

The Apache Mina SSHD library does not support ciphers 3des-ctr and arcfour. Additionally, the library introduces aes128-gcm, aes256-gcm, and cc20p1305_openssh as alternatives.

For the current version of the SFTP Connector, you must stick to the Apache Mina default options. Refer to the Apache Mina Supported Standards.

For details, review the following table:

JSCH - SFTP Connector 1.6 MINA SSHD - SFTP Connector 2.0

blowfish-cbc

blowfish-cbc (Deprecated)

3des-cbc

3des-cbc (Deprecated)

3des-ctr

Not supported.

aes128-cbc

aes128-cbc

aes128-ctr

aes128-ctr

Not supported.

aes128-gcm

aes192-cbc

aes192-cbc

aes192-ctr

aes192-ctr

aes256-cbc

aes256-cbc

aes256-ctr

aes256-ctr

Not supported.

aes256-gcm

arcfour

Not supported.

arcfour128

arcfour128 (Deprecated)

arcfour256

arcfour256 (Deprecated)

Not supported.

cc20p1305_openssh

Other Supported Cryptographic Entities

Kex Algorithms Host Key Algorithms MACs

curve25519-sha256*

ecdsa-sha2-nistp256-cert-v01@openssh.com

hmac-sha2-256-etm@openssh.com

curve25519-sha256@libssh.org*

ecdsa-sha2-nistp384-cert-v01@openssh.com

hmac-sha2-512-etm@openssh.com

curve448-sha512*

ecdsa-sha2-nistp521-cert-v01@openssh.com

hmac-sha1-etm@openssh.com

ecdh-sha2-nistp521

ssh-ed25519-cert-v01@openssh.com

hmac-sha2-256

ecdh-sha2-nistp384

rsa-sha2-512-cert-v01@openssh.com

hmac-sha2-512

ecdh-sha2-nistp256

rsa-sha2-256-cert-v01@openssh.com

hmac-sha1

diffie-hellman-group-exchange-sha256

ecdsa-sha2-nistp256

hmac-md5 (Deprecated)

diffie-hellman-group18-sha512

ecdsa-sha2-nistp384

hmac-md5-96 (Deprecated)

diffie-hellman-group17-sha512

ecdsa-sha2-nistp521

hmac-sha1-96 (Deprecated)

diffie-hellman-group16-sha512

ssh-ed25519**

diffie-hellman-group15-sha512

sk-ecdsa-sha2-nistp256@openssh.com

diffie-hellman-group14-sha256

sk-ssh-ed25519@openssh.com**

diffie-hellman-group1-sha1 (Deprecated)

rsa-sha2-512

diffie-hellman-group14-sha1 (Deprecated)

rsa-sha2-256

diffie-hellman-group-exchange-sha1 (Deprecated)

ssh-rsa

ssh-dss (Deprecated)

ssh-dss-cert-v01@openssh.com (Deprecated)

ssh-rsa-cert-v01@openssh.com (Deprecated)

* These algorithms require Bouncy Castle on Java versions before Java 11.

** These algorithms require externally EdDSA (Edwards-curve Digital Signature Algorithm) library.

Troubleshooting

Reverting the Upgrade

If you need to revert to the previous version of SFTP Connector, go to Anypoint Studio and in the project’s pom.xml file, change the mule-sftp-connector dependency version 2.x.x to the previous version.

Override SSH Connection Security Configuration

If you face SSH connection issues due to unsupported ciphers, macs, hostKeyAlgorithms or kexAlgorithms, then change the priority or enable deprecated ciphers and algorithms forcefully. Although using this method may introduce additional risk. Refer to Configure Security Parameters of SSH Connection and SFTP Connector Reference.

View on GitHub