-
-
Notifications
You must be signed in to change notification settings - Fork 494
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bug] changing password to very long password (128 characters tested) locks user out of system if using dietpi-config #5849
Comments
I checked whether whiptail password boxes themselves have a limitation, but 135 characters worked well. Can you test whether it works this way, i.e. when you enter your long password into the input boxes, whether the G_WHIP_PASSWORD
echo "$result"
unset -v result |
Run it from console directly instead of within a script. It is a shell function, hence not available in scripts if no |
Then the only other possibility is that chpasswd <<< 'dietpi:yourlongpassword' changes it for the |
Tried (150x chpasswd <<< 'dietpi:111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111'
login
# dietpi
# 111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 works well. Setting the same password via Switching to OpenSSH, login works, switching back to Dropbear, login fails. So clearly a Dropbear limitation. |
Indirectly documented here, although I don't understand the changelog entry fully, whether the limit was necessary to resolve another issue or whether (and then why) it existed already: https://github.com/mkj/dropbear/blob/b8669b0/CHANGES#L234-L235 |
And here the related commit: mkj/dropbear@8b4f60a |
Perfect thanks |
When using dietpi config, entering a very long password locks the user out of the system. I've reproduced this bug on two seperate systems running dietpi and when changing the password via dietpi config, i get locked out of the system and ssh with that exact password fails.
Trying to change the password via
passwd
to the long one, succeeds however.When using a shorter password, this issue isn't present. The long password was also purely numbers and letters, so the issue isn't related to symbols.
SSH server tested: default dropbear
Dietpi version: latest
Also pasted the password as opposed to typing obviously, so it couldn't be a spelling mistake.
The text was updated successfully, but these errors were encountered: