[ale] Is there a limit on password length or characters for OUTBOUND sftp when receding a "password" prompt?

Lightner, Jeffrey JLightner at dsservices.com
Thu Apr 20 16:03:41 EDT 2017


Yes.   As noted I have the issue either typing the password or doing cut and paste.


From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of leam hall
Sent: Thursday, April 20, 2017 2:00 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] Is there a limit on password length or characters for OUTBOUND sftp when receding a "password" prompt?

If you are typing in the password, can you try a cut and paste? I wonder if there's a timeout on input. Far as I know, with a quick google search, there isn't a 30 character limit.

On Thu, Apr 20, 2017 at 1:46 PM, Lightner, Jeffrey <JLightner at dsservices.com<mailto:JLightner at dsservices.com>> wrote:
Note I am NOT asking generic “is there a limit to password size” nor am I asking how to configure the remote sftp server (because I can’t).

I AM asking specifically if the sftp COMMAND (not the daemon) that runs on some flavors of Linux has a size limit to what it will pass to the remote side or possibly won’t pass the “-“ character for some reason?

Also please don’t tell me RHEL5 is end of support as I already know that.   My question is about RHEL6 so I am only noting I also see the issue on RHEL5 but not RHEL7.

Background to the question:
We are attempting to do sftp login to a remote site from our local RHEL servers.   We are connecting successfully but on entering password (either by typing it or doing a cut and paste) the password is being rejected.

This is only occurring when we do sftp from RHEL6 (and RHEL5) but on testing from a RHEL7 server it is working.   This suggest the sftp command itself (not the demon) on RHEL6 (and RHEL5) is doing something different than it does on RHEL7.

The password being sent is 30+ character and contains "-" characters.  Hence I’m asking is there any length limit or special character limit sftp command on RHEL6 (and RHEL5) has that RHEL7 doesn't?

On looking for such a limit the only thing I found even remotely like this was bug fix for Cisco where someone ran into a limit of 15/16 characters for password (but even that may  have been the daemon on the server [switch] rather than the command initiating the connection) but it has scant details.

I’ve opened a case with RedHat and am waiting to hear back but figured I’d see if anyone in the community has run into it.

Please don’t make suggestions regarding changing the password length or other settings on the remote side as I have no direct access to make such changes and don’t feel they’d be willing to make any as they deem this setup secure.



CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you


_______________________________________________
Ale mailing list
Ale at ale.org<mailto:Ale at ale.org>
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170420/7745fbda/attachment.html>


More information about the Ale mailing list