MAX_USERNAME_LEN set too low
Matt Johnston
matt at ucc.asn.au
Fri Mar 1 22:24:40 AWST 2019
Hi Mike,
The limit's arbitrary so 32 would be fine. Maybe even something like 100.
I'll increase it for the next release.
Cheers,
Matt
> On Fri 1/3/2019, at 8:28 am, W. Michael Petullo <mike at flyn.org> wrote:
>
> Dropbear's auth.h defines MAX_USERNAME_LEN as 25 and provides the
> commentary "arbitrary for the moment."
>
> The useradd utility from shadow-utils on Linux supports usernames with
> up to 32 characters.
>
> This means that some valid users cannot make use of SSH, namely users
> for which len(username) is larger than 25 but less than 32.
>
> 32 seems pretty common. Can we modify Dropbear to use 32 instead of 25?
>
> --
> Mike
>
> :wq
More information about the Dropbear
mailing list