Man-in-the-middle attack


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT, all versions

SYMPTOM

End users claim that their SSH FTP client is reporting a possible "man-in-the-middle" attack

RESOLUTION

Either they have an old SSH keypair for your site or they are actually victims of a possible attack.

FTP clients will report a possible man-in-the-middle attack whenever you change your SSH keypair. The client software is correctly reporting that your "fingerprint" has changed.

To avoid confusion, notify your users every time you change your keypair.