-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Increase login length limit to 128 characters #46766
base: master
Are you sure you want to change the base?
Conversation
Can we still find such systems in the wild? For example old/weird things (routers, old boxes) registered in teleport as Agentless OpenSSH nodes. What happens if you try to connect to such system with a longer login? Does the user get an error? Can it mess with host user creation (e.g. you've got an old box and we create host users, except if your role contains a login too long)? Or do we just don't support those systems already? |
@hugoShaka it's actually configurable at the kernel level. Debian for example sets the limit at 255 chars. https://man7.org/linux/man-pages/man3/sysconf.3.html Generally the legacy 32 character limit has always been considered a best-practice, however a few binaries such as |
Yeah I'm hesitant to roll this out without further exploration and consideration. I also feel that if we do decide to proceed with this change it might be best not to backport it. |
Fair enough. There is also this unexpected integration test failure:
|
Traditionally POSIX systems imposed a maximum of 32 characters for the length of any particular username. Teleport was following this limit. However, many modern systems follow higher limits like 255.
This change increases the maximum to 128 characters. I believe the full 255 characters are unlikely to be used in practice and likely a result of an error.
Changelog: maximum length for individual UNIX login was increased to 128 characters from previous 32.