strange sftp behaviour... man-in-the-middle?
Hello all,
one of my servers started to behave strangely...
I can connect with ssh to the server and also to other machines from the
server without any problems from a variety of sites, and don't experience
any delays.
However with sftp I am able to only connect to the port, but the
operations (that includes even checking the password at login) either
complete with a great delay, or time out with connection reset by peer.
This happens both when connecting to the server or sftp-ing out from the
server. This used to go on for quite a while, then it occasionally
corrects itself, then starts it again, again without any visible cause.
The ssh package version is 3.4p1-1.woody.3 (latest woody security update
package). The sshd_config is set to have only protocol 2.
Has anyone met similar behaviour?
Are there any rootkits out there or man-in-the-middle programs out there
which are only able to simulate ssh correctly, but have problems with
sftp, which may cause this behaviour?
Thanks in advance,
Robert Varga
Reply to: