HP-UX & Putty Log-In Prompt Problem

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Using HP-UX 11.11 and OpenSSH, a user accessing the server via Putty
5.7.  When their UNIX password has expired, they get an incomplete
prompt at their terminal.  Intead of the message "Changing Password for
USER-ID Old password:", they get "Changing password f".

The prompt stops at the letter f, but they can still enter their old
password and complete the password change process.

Has anyone seen this or knows how to correct it?

Re: HP-UX & Putty Log-In Prompt Problem

robert.hursch@lmco.com writes:
Quoted text here. Click to load it

This sounds like a problem report we had a while ago. Our correspondent
was using SSH-2 and "keyboard-interactive" authentication, and OpenSSH
on HP/UX was stuffing huge amounts of stuff into the prompt string
("last successful login", etc) (which RFC4256 says you shouldn't do,
grumble); PuTTY had a fixed-length buffer for the prompt, so truncated
it. At the time, we bumped the maximum prompt length from 200 to 512
bytes, and added an explicit indication of a truncated prompt. (This
went into 0.56.)

However, it looks like we didn't make any equivalent change to the SSH-1
equivalent of "keyboard-interactive" (TIS/CryptoCard), so if you're
using SSH-1 (which you can tell from PuTTY's Event Log) and the server
is sending a long prompt in this way, you may very well see the symptoms
you describe, even with modern PuTTY (up to 0.58).

The current development snapshots of PuTTY do not have these arbitrary
restrictions on prompt length, so this issue shouldn't occur. Try them?

Re: HP-UX & Putty Log-In Prompt Problem

Quoted text here. Click to load it

Yeah, we should change that.

It's the way it is because the same PAM conversation function is used for
both SSHv1 and SSHv2, but v2 has a lot more flexibility about sending back
that kind of info (eg the "instruction" field in the keyboard-interactive
packet or separate Banner packet).

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline