fatal exception: Max supported packet size is 102400

Hello !

Since one or two weeks I cannot log into my server. Any login attemp ends with:

Sent password
. Access granted
. Opened channel for session
. Started a shell/command
. --------------------------------------------------------------------------
. Using SFTP protocol.
. Doing startup conversation with host.
> Type: SSH_FXP_INIT, Size: 5, Number: -1
. Attempt to close connection due to fatal exception:
* Received too large (2003136105 B) SFTP packet. Max supported packet size is 102400 B.
. Closing connection.
* (ESshFatal) Cannot initialize SFTP protocol. Is the host running a SFTP server?
* Received too large (2003136105 B) SFTP packet. Max supported packet size is 102400 B.

I can login with PUTTY without any problems.
What is going wrong?

I am running
SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3

Thank you !!

Thorsten

I get a similar error message as you. However I don't think it is a problem with WinSCP because I cann't login with the sftp program in linux. Anyone know what is going on? I am also running Debain.Woody (Sorry I don't know how to get version numbers :roll: )

I can login with PUTTY without any problems.
What is going wrong?

Can you try other SFTP client? Like PSFTP from Putty package.

I realize that this problem is probably caused by ssh but could you point me in the direction to fix it? I ran sshd in debug mode but I did not receive any useful errors. Anyways here is a dump of the sshd debug when I connected with your program.(user name edited out)
----------------------------------------------------
Starting OpenBSD Secure Shell server: sshddebug1: sshd version OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.0.2 port 1045
debug1: Client protocol version 2.0; client software version WinSCP-release-3.4.2.197
debug1: no match: WinSCP-release-3.4.2.197
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9
debug1: permanently_set_uid: 103/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes256-cbc hmac-sha1 zlib
debug1: kex: server->client aes256-cbc hmac-sha1 zlib
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user ------ service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for shodan from 192.168.0.2 port 1045 ssh2
debug1: Starting up PAM with username "------"
debug1: userauth-request for user ------ service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=----- devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for ------ from 192.168.0.2 port 1045 ssh2
debug1: userauth-request for user ------ service ssh-connection method password
debug1: attempt 2 failures 2
debug1: PAM setting rhost to "192.168.0.2"
debug1: PAM password authentication accepted for ------
Accepted password for ------ from 192.168.0.2 port 1045 ssh2
Accepted password for ------ from 192.168.0.2 port 1045 ssh2
debug1: monitor_child_preauth: ------- has been authenticated by privileged process
debug1: PAM establishing creds
debug1: permanently_set_uid: 1000/1000
debug1: Entering interactive session for SSH2.
debug1: fd 7 setting O_NONBLOCK
debug1: fd 8 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request subsystem reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req subsystem
subsystem request for sftp
debug1: subsystem: exec() /usr/lib/sftp-server
debug1: PAM establishing creds
debug1: fd 10 setting O_NONBLOCK
Connection closed by 192.168.0.2
debug1: channel_free: channel 0: server-session, nchannels 1
debug1: session_close: session 0 pid 29380
Closing connection to 192.168.0.2
----------------------------------------------------
According to the log it looks like your program closed the connection however, I get the same problem when I use the program sftp in linux and psftp does not work at all (it just hangs after I type in my password). Here is the log from your program.
-----------------------------------------------------
. --------------------------------------------------------------------------
. WinSCP Version 3.4.2 (Build 197)
. Login time: November 27, 2003 12:18:19 PM
. --------------------------------------------------------------------------
. Session name: user@site.ca
. Host name: site.ca (Port: 22)
. User name: user (Password: Yes, Key file: No)
. Transfer Protocol: SFTP
. SSH protocol version: 2; Compression: Yes
. Agent forwarding: No; TIS/CryptoCard: No; KI: Yes
. Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: No
. Ping interval: 0 sec (0 = off); Timeout: 15 sec
. SSH Bugs: -,-,-,-,-,-,-,-,
. Proxy: none
. Return code variable: Autodetect; Lookup user groups: Yes
. Shell: default, EOL: 0
. Local directory: default, Remote directory: home, Update: No, Cache: Yes
. Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No
. --------------------------------------------------------------------------
. Looking up host "site.ca"
. Connecting to 192.168.0.1 port 22
. Server version: SSH-1.99-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9
. We claim version: SSH-2.0-WinSCP-release-3.4.2.197
. Using SSH protocol version 2
. Doing Diffie-Hellman group exchange
. Doing Diffie-Hellman key exchange
. Host key fingerprint is:
. ssh-rsa 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
. Initialised AES-256 client->server encryption
. Initialised AES-256 server->client encryption
. Initialised zlib (RFC1950) compression
. Initialised zlib (RFC1950) decompression
! Using username "user".
. Keyboard-interactive authentication refused
. Session password prompt (user@site.ca's password: )
. Using stored password.
. Sent password
. Access granted
. Opened channel for session
. Started a shell/command
. --------------------------------------------------------------------------
. Using SFTP protocol.
. Doing startup conversation with host.
> Type: SSH_FXP_INIT, Size: 5, Number: -1
. Attempt to close connection due to fatal exception:
* Received too large (1399353188 B) SFTP packet. Max supported packet size is 102400 B.
. Closing connection.
* (ESshFatal) Cannot initialize SFTP protocol. Is the host running a SFTP server?
* Received too large (1399353188 B) SFTP packet. Max supported packet size is 102400 B.
------------------------------------------------------
Thanks for any help that you can provide.
Daniel

The problem happens because of a little script I made. Basically in my .bashrc I have a script that checks if I have any mail and echos the result. For some reason this is throwing the sftp connection. Did I put the script in the wrong place?? Is there somewhere I can put it so that it won't interfere with sftp but I will still get the message when I login with a remote or local console?

Try to put your script to .profile. On most servers, .bashrc is invoked even for non-interactive sessions, so it should not contain anything that may interfere with automated sessions.

Indeed, a script in .bashrc that produces output reliably triggers this error in WinSCP 4.2.8 (the latest version as of now).

The solution is to move the contents of your .bashrc file to .bash_profile. This will cause your script to run when you login with an SSH terminal (like with PuTTY), but will not trigger your script when an SCP client (like WinSCP) connects. From an SSH terminal logged into the account in question, run:


Hope that helps!

For details about error message "Cannot initialize SFTP protocol. Is the host running a SFTP server?" see:
https://winscp.net/eng/docs/message_cannot_initialize_sftp_protocol