Differences
This shows you the differences between the selected revisions of the page.
| 2008-03-05 | 2008-03-07 | ||
| full title (martin) | WARNING - POTENTIAL SECURITY BREACH and Too many authentication failures for root and Unable to use this private key file, Couldn't load private key, Key is of wrong type (martin) | ||
| Line 7: | Line 7: | ||
| If you see this message and you know that your installation of WinSCP has connected to the same server before, it may have been recently upgraded to SSH protocol version 2. SSH protocols 1 and 2 use separate host keys, so when you first use SSH-2 with a server you have only used SSH-1 with before, you will see this message again. You should verify the correctness of the key as before. ((&puttydoccite)) | If you see this message and you know that your installation of WinSCP has connected to the same server before, it may have been recently upgraded to SSH protocol version 2. SSH protocols 1 and 2 use separate host keys, so when you first use SSH-2 with a server you have only used SSH-1 with before, you will see this message again. You should verify the correctness of the key as before. ((&puttydoccite)) | ||
| + | |||
| + | Read more about [[ssh#verifying_the_host_key|verifying host keys]]. | ||
| + | |||
| + | ===== WARNING - POTENTIAL SECURITY BREACH! ===== | ||
| + | This message, followed by "The server's host key does not match the one WinSCP has is cache", means that WinSCP has connected to the SSH server before, knows what its host key should be, but has found a different one. | ||
| + | |||
| + | This may mean that a malicious attacker has replaced your server with a different one, or has redirected your network connection to their own machine. On the other hand, it may simply mean that the administrator of your server has accidentally changed the key while upgrading the SSH software; this shouldn't happen but it is unfortunately possible. | ||
| + | |||
| + | You should contact your server's administrator and see whether they expect the host key to have changed. If so, verify the new host key in the same way as you would if it was new. ((&puttydoccite)) | ||
| Read more about [[ssh#verifying_the_host_key|verifying host keys]]. | Read more about [[ssh#verifying_the_host_key|verifying host keys]]. | ||
| Line 78: | Line 87: | ||
| * Number of parallel sessions allowed for the account has been exceeded. | * Number of parallel sessions allowed for the account has been exceeded. | ||
| * You are trying to connect with super-user account (''root''), without having allowed that. Please read [[faq_su|FAQ]]. | * You are trying to connect with super-user account (''root''), without having allowed that. Please read [[faq_su|FAQ]]. | ||
| + | |||
| + | ===== Server sent disconnect message type 2 (protocol error): "Too many authentication failures for root" ===== | ||
| + | This message is produced by an OpenSSH (or Sun SSH) server if it receives more failed authentication attempts than it is willing to tolerate. | ||
| + | |||
| + | This can easily happen if you are using Pageant and have a large number of keys loaded into it, since these servers count each offer of a public key as an authentication attempt. This can be worked around by specifying the key that's required for the authentication in the [[ui_login_session|session configuration]]; WinSCP will ignore any other keys Pageant may have, but will ask Pageant to do the authentication, so that you don't have to type your passphrase. ((&puttydoccite)) | ||
| + | |||
| + | ===== Unable to use this private key file, Couldn't load private key, Key is of wrong type ===== | ||
| + | If you see one of these messages, it often indicates that you've tried to load a key of an inappropriate type into WinSCP. | ||
| + | |||
| + | You may have specified a key that's inappropriate for the connection you're making. The SSH-1 and SSH-2 protocols require different private key formats, and a SSH-1 key can't be used for a SSH-2 connection (or vice versa). | ||
| + | |||
| + | Alternatively, you may have tried to load an SSH-2 key in a "foreign" format (OpenSSH or ssh.com), in which case you need to [[public_key#private|import it into PuTTY's native format]]. ((&puttydoccite)) | ||
| ===== [[unexpected_directory_listing]] Unexpected directory listing line '...' ===== | ===== [[unexpected_directory_listing]] Unexpected directory listing line '...' ===== | ||