[ale] Is there a limit on password length or characters for OUTBOUND sftp when receding a "password" prompt?

leam hall leamhall at gmail.com
Thu Apr 20 13:59:45 EDT 2017


If you are typing in the password, can you try a cut and paste? I wonder if
there's a timeout on input. Far as I know, with a quick google search,
there isn't a 30 character limit.

On Thu, Apr 20, 2017 at 1:46 PM, Lightner, Jeffrey <JLightner at dsservices.com
> wrote:

> Note I am NOT asking generic “is there a limit to password size” nor am I
> asking how to configure the remote sftp server (because I can’t).
>
>
>
> I AM asking specifically if the sftp COMMAND (not the daemon) that runs on
> some flavors of Linux has a size limit to what it will pass to the remote
> side or possibly won’t pass the “-“ character for some reason?
>
>
>
> Also please don’t tell me RHEL5 is end of support as I already know
> that.   My question is about RHEL6 so I am only noting I also see the issue
> on RHEL5 but not RHEL7.
>
>
>
> Background to the question:
>
> We are attempting to do sftp login to a remote site from our local RHEL
> servers.   We are connecting successfully but on entering password (either
> by typing it or doing a cut and paste) the password is being rejected.
>
>
>
> This is only occurring when we do sftp from RHEL6 (and RHEL5) but on
> testing from a RHEL7 server it is working.   This suggest the sftp command
> itself (not the demon) on RHEL6 (and RHEL5) is doing something different
> than it does on RHEL7.
>
>
>
> The password being sent is 30+ character and contains "-" characters.
> Hence I’m asking is there any length limit or special character limit sftp
> command on RHEL6 (and RHEL5) has that RHEL7 doesn't?
>
>
>
> On looking for such a limit the only thing I found even remotely like this
> was bug fix for Cisco where someone ran into a limit of 15/16 characters
> for password (but even that may  have been the daemon on the server
> [switch] rather than the command initiating the connection) but it has
> scant details.
>
>
>
> I’ve opened a case with RedHat and am waiting to hear back but figured I’d
> see if anyone in the community has run into it.
>
>
>
> Please don’t make suggestions regarding changing the password length or
> other settings on the remote side as I have no direct access to make such
> changes and don’t feel they’d be willing to make any as they deem this
> setup secure.
>
>
>
>
>
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you
> are not the intended recipient, any disclosure, copying, distribution, or
> use of the contents of this information is prohibited and may be unlawful.
> If you have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170420/fe60ebfa/attachment.html>


More information about the Ale mailing list