On Wed, Sep 19, 2007 at 10:55:51AM -0500, Douglas E. Engert wrote: > > > Will Fiveash wrote: > > On Sun, Sep 02, 2007 at 07:21:52PM +1000, Edward Irvine wrote: > >> Hi Folks, > >> > >> I eventually gave up trying to coax the default sshd on Solaris 10 to > >> play nice with GSSAPI - the show-stopper was that it failed with > >> usernames > 8 characters. > > > > I use Solaris 10 ssh/sshd doing GSS-API auth via the Kerberos GSS mech > > all the time. What you may be running into is that Solaris has a > > limitation that Unix usernames be no more than 8 characters (see man > > passwd.4). This is not a limitation of Solaris sshd. > > > > Me too. > > We have many users that have names > 8. None of them login at a console > bit I have a test account with an 11 character user name. I even tried > it with dtlogin, and it works. > > Are you sure that is a restriction? > Is it just an out-dated man page? > Is this a restriction of the local /etc/passwrd file?
It's a restriction of /etc/passwd which is why I made the man passwd.4 reference. So depending on the /etc/pam.conf config this could have been the problem for the originator of this thread. > The 11 char test account was in NIS, and is now in LDAP. I'm don't know the specifics of those other account authorities but I can believe they don't have an 8 char limit like /etc/passwd. I'm also sure that limitation exists in Solaris for backwards compat/stability reasons. -- Will Fiveash Sun Microsystems Inc. Austin, TX, USA (TZ=CST6CDT) ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
