Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

atos_betrieb

Hi,

it turned out to be a problem with the SSH-server on the remote machine.

During the key-exchange the key is sometimes send in one and sometimes in two packets.
In the second case, the time between the arrival of the first and the second packet is about 0.0004 seconds.
That's enough for the server to assess the request as an attack. :evil:

Anyway, thanks for your response.

Greetz
martin

Re: Connection Error "Client did not send complete packet..."

Can you try to connect with PuTTY?
atos_betrieb

Connection Error "Client did not send complete packet..."

Hi there,

I'm experiencing some strange behaviour with WinSCP 4.1.7.
I try to connect to a sftp server (SFTP-3) with key-file authentication.

Every third or fourth time I try, the connection works.
In all other cases I get the following error message:


. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.326 WinSCP Version 4.1.7 (Build 413) (OS 5.2.3790 Service Pack 1)
. 2008-11-17 13:00:55.326 Login time: Montag, 17. November 2008 13:00:55
. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.326 Session name: <testuser>@<testip>
. 2008-11-17 13:00:55.326 Host name: <testip> (Port: 22)
. 2008-11-17 13:00:55.326 User name: <testuser> (Password: No, Key file: Yes)
. 2008-11-17 13:00:55.326 Tunnel: No
. 2008-11-17 13:00:55.326 Transfer Protocol: SFTP (SCP)
. 2008-11-17 13:00:55.326 Ping type: -, Ping interval: 5 sec; Timeout: 20 sec
. 2008-11-17 13:00:55.326 Proxy: none
. 2008-11-17 13:00:55.326 SSH protocol version: 2 only; Compression: Yes
. 2008-11-17 13:00:55.326 Bypass authentication: No
. 2008-11-17 13:00:55.326 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: No; GSSAPI: No
. 2008-11-17 13:00:55.326 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2008-11-17 13:00:55.326 SSH Bugs: -,-,-,-,-,-,-,-
. 2008-11-17 13:00:55.326 SFTP Bugs: -,-
. 2008-11-17 13:00:55.326 Return code variable: Autodetect; Lookup user groups: Yes
. 2008-11-17 13:00:55.326 Shell: default, EOL: 0
. 2008-11-17 13:00:55.326 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2008-11-17 13:00:55.326 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2008-11-17 13:00:55.326 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2008-11-17 13:00:55.326 Cache directory changes: Yes, Permanent: Yes
. 2008-11-17 13:00:55.326 DST mode: 1
. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.373 Looking up host "<testip>"
. 2008-11-17 13:00:55.373 Connecting to <testip> port 22
. 2008-11-17 13:00:55.561 Server version: SSH-2.0-http://3sp.com_Maverick_SSHD
. 2008-11-17 13:00:55.561 We claim version: SSH-2.0-WinSCP_release_4.1.7
. 2008-11-17 13:00:55.561 SSPI: acquired credentials for: <testuser>@<testserver>
. 2008-11-17 13:00:55.561 Cannot convert IP address to SPN: DNS is not trusted
. 2008-11-17 13:00:55.561 GSSKEX disabled: The operation completed successfully.
. 2008-11-17 13:00:55.561 Using SSH protocol version 2
. 2008-11-17 13:00:55.686 Using Diffie-Hellman with standard group "group14"
. 2008-11-17 13:00:55.686 Doing Diffie-Hellman key exchange with hash SHA-1
. 2008-11-17 13:00:55.795 Server unexpectedly closed network connection
* 2008-11-17 13:00:55.951 (ESshFatal) Server unexpectedly closed network connection.


The Server-log says something like "Client did not send complete packet in key exchange! Possible DoS attack"

We checked the Network-Log, only to find that the connection is always working, but being disconneted in most cases within a second.

I tried every possible option in the configuration.
Still, sometimes it works - sometimes not.

fyi: I masked User and IP with <testuser> and <testip>

I'd really appreciate any help.

Thansk in advance and regards!

(... and sorry for my broken english ;o)