Connection Error "Client did not send complete packet..."

Advertisement

atos_betrieb
Joined:
Posts:
2

Connection Error "Client did not send complete packet..."

Hi there,

I'm experiencing some strange behaviour with WinSCP 4.1.7.
I try to connect to a sftp server (SFTP-3) with key-file authentication.

Every third or fourth time I try, the connection works.
In all other cases I get the following error message:


. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.326 WinSCP Version 4.1.7 (Build 413) (OS 5.2.3790 Service Pack 1)
. 2008-11-17 13:00:55.326 Login time: Montag, 17. November 2008 13:00:55
. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.326 Session name: <testuser>@<testip>
. 2008-11-17 13:00:55.326 Host name: <testip> (Port: 22)
. 2008-11-17 13:00:55.326 User name: <testuser> (Password: No, Key file: Yes)
. 2008-11-17 13:00:55.326 Tunnel: No
. 2008-11-17 13:00:55.326 Transfer Protocol: SFTP (SCP)
. 2008-11-17 13:00:55.326 Ping type: -, Ping interval: 5 sec; Timeout: 20 sec
. 2008-11-17 13:00:55.326 Proxy: none
. 2008-11-17 13:00:55.326 SSH protocol version: 2 only; Compression: Yes
. 2008-11-17 13:00:55.326 Bypass authentication: No
. 2008-11-17 13:00:55.326 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: No; GSSAPI: No
. 2008-11-17 13:00:55.326 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2008-11-17 13:00:55.326 SSH Bugs: -,-,-,-,-,-,-,-
. 2008-11-17 13:00:55.326 SFTP Bugs: -,-
. 2008-11-17 13:00:55.326 Return code variable: Autodetect; Lookup user groups: Yes
. 2008-11-17 13:00:55.326 Shell: default, EOL: 0
. 2008-11-17 13:00:55.326 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2008-11-17 13:00:55.326 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2008-11-17 13:00:55.326 Local directory: default, Remote directory: home, Update: No, Cache: Yes
. 2008-11-17 13:00:55.326 Cache directory changes: Yes, Permanent: Yes
. 2008-11-17 13:00:55.326 DST mode: 1
. 2008-11-17 13:00:55.326 --------------------------------------------------------------------------
. 2008-11-17 13:00:55.373 Looking up host "<testip>"
. 2008-11-17 13:00:55.373 Connecting to <testip> port 22
. 2008-11-17 13:00:55.561 Server version: SSH-2.0-http://3sp.com_Maverick_SSHD
. 2008-11-17 13:00:55.561 We claim version: SSH-2.0-WinSCP_release_4.1.7
. 2008-11-17 13:00:55.561 SSPI: acquired credentials for: <testuser>@<testserver>
. 2008-11-17 13:00:55.561 Cannot convert IP address to SPN: DNS is not trusted
. 2008-11-17 13:00:55.561 GSSKEX disabled: The operation completed successfully.
. 2008-11-17 13:00:55.561 Using SSH protocol version 2
. 2008-11-17 13:00:55.686 Using Diffie-Hellman with standard group "group14"
. 2008-11-17 13:00:55.686 Doing Diffie-Hellman key exchange with hash SHA-1
. 2008-11-17 13:00:55.795 Server unexpectedly closed network connection
* 2008-11-17 13:00:55.951 (ESshFatal) Server unexpectedly closed network connection.


The Server-log says something like "Client did not send complete packet in key exchange! Possible DoS attack"

We checked the Network-Log, only to find that the connection is always working, but being disconneted in most cases within a second.

I tried every possible option in the configuration.
Still, sometimes it works - sometimes not.

fyi: I masked User and IP with <testuser> and <testip>

I'd really appreciate any help.

Thansk in advance and regards!

(... and sorry for my broken english ;o)

Reply with quote

Advertisement

atos_betrieb
Joined:
Posts:
2

Hi,

it turned out to be a problem with the SSH-server on the remote machine.

During the key-exchange the key is sometimes send in one and sometimes in two packets.
In the second case, the time between the arrival of the first and the second packet is about 0.0004 seconds.
That's enough for the server to assess the request as an attack. :evil:

Anyway, thanks for your response.

Greetz

Reply with quote

Advertisement

You can post new topics in this forum