HPE Community
Operating System - HP-UX
1834498 Members
2479 Online
110067 Solutions
New Discussion

SSH and password length

 
Ray Brewer
Valued Contributor

‎08-23-2004 10:38 AM

‎08-23-2004 10:38 AM

SSH and password length

We are planning on upgrading the release of SSH we are using to HP's latest, A.03.81.002. During our validation of this release we found a peculiar “bug”. Passwords of more than 8 characters cause PAM authentication failures. All of our systems are trusted and we allow for passwords with a much greater length than 8 characters. The documentation does not mention anything about password length restrictions. Has anyone run into this and if so what can be done to fix it? Thanks for any hel
0 Kudos
5 REPLIES 5
Michael Selvesteen_2
Trusted Contributor

‎08-23-2004 03:52 PM

‎08-23-2004 03:52 PM

Re: SSH and password length

Hi,

We are able to have password more than eight characters while system runs in trusted mode.
Normally password up to eighty characters are allowed in trusted system and SSH too follows.
The problem might be with SSH client's. Some of commercial SSH clients has some problems with trusted system.

The following information will be helpful for further analysis

1. Platform (IPF/PA)
2. OS version
3. SSHD server traces
4. SSH client traces

for debugging, the following link is quite useful

http://www.snailbook.com/faq/general-debugging.auto.html
Thanks
Michael
0 Kudos
Massimo Bianchi
Honored Contributor

‎08-23-2004 06:38 PM

‎08-23-2004 06:38 PM

Re: SSH and password length

Hi,
I just installed A.03.81.002 on a trusted HPUX 11.0 .

SSH client is putty, and we are NOT having any prolem.


Do you have problem with all the accounts, or just with some of them ?

The problem is just with ssh, or even with the normal telnet ?

Why don't you use certificates pair ? It would overcome the problem, in any case...

HTH,
Massimo

0 Kudos
Jdamian
Respected Contributor

‎08-23-2004 08:00 PM

‎08-23-2004 08:00 PM

Re: SSH and password length

I think the problem may be located in client.

I have some problems with my SSH client (SecureCRT) and HP-UX boxes. Supose the following scenario:

In an HP-UX server and in a Solaris 8 server there is a user (joe) whose password length is more than 8 chars. My laptop is Win2000. In my laptop SecureCRT is installed as well as CygWin (a Linux running on Windows).

(1A) Connection to the HP-UX server as "joe" using SecureCRT --> fails
(2B) Connection to the Solaris server as "joe" using SecureCRT --> OK


(2A) Connection to the HP-UX server as "joe" using SSH client from CygWin --> OK
(2B) Connection to the Solaris server as "joe" using SSH client from CygWin --> OK


0 Kudos
Ray Brewer
Valued Contributor

‎08-31-2004 08:32 AM

‎08-31-2004 08:32 AM

Re: SSH and password length

I found the answer to my problem. It has to do with the strange way we start and keep sshd running. We use "inittab" because we had had some problems with sshd dieing. Since HPâ s release of SSH version 3.71 there was a change in how authentication is handled related to Trusted Systems. At least that is what HP has told me. We were simply running the command

â /opt/ssh/bin/sshd â Dâ

Of course with the proper format for inittab. Apparently this did not setup the Operating environment properly for sshd. What we did to fix this was to change the command to this

su â root â c â /opt/ssh/bin/sshd â Dâ

The trick is to source in roots environ
0 Kudos
Ray Brewer
Valued Contributor

‎08-31-2004 08:33 AM

‎08-31-2004 08:33 AM

Re: SSH and password length

Please see my prior post for the solution.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.