[Bug 1579] New: long usernames get truncated and fail to log in

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Mar 28 01:55:30 EST 2009


https://bugzilla.mindrot.org/show_bug.cgi?id=1579

           Summary: long usernames get truncated and fail to log in
           Product: Portable OpenSSH
           Version: 5.2p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: ossman at cendio.se


A username cannot currently be longer than 128 characters as that is
the size of the "username" field in struct logininfo. Under some
circumstances this is not enough though.

In our specific case, we log in using the common name from a
certificate, which often surpasses 128 characters. Logging in using
common names from an LDAP tree is another case where username can
easily get very long.

In a perfect world, the server could cope with any length, but at the
very least the length should be extended. 256 bytes covers the cases
we've seen, but 512 bytes might be prudent. Memory usage should not be
an issue in these ranges.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list