Man-in-the-middle attack

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server all versions
  • Secure FTP Server

SYMPTOM

End users claim that their SSH FTP client is reporting a possible "man-in-the-middle" attack

RESOLUTION

Either they have an old SSH keypair for your site or they are actually victims of a possible attack.

FTP clients will report a possible man-in-the-middle attack whenever you change your SSH keypair. The client software is correctly reporting that your "fingerprint" has changed.

To avoid confusion, notify your users every time you change your keypair.

Posted 18 Years Ago, Updated 13 Years Ago
https://kb.globalscape.com/Knowledgebase/10099/Maninthemiddle-attack