Open timothyb89 opened 1 month ago
There's probably another bug in that the lookupPosixShell
debug log should probably appear when trying to start an interactive session too. It was otherwise not logged at all until @russjones thought to try running an explicit command, which made discovering the root cause much harder.
Wanted to chime in. We are seeing this issue too on a number of our servers. Let me know if I can help in any way. Teleport Enterprise v13.4.26 -> Ubuntu 18.04 host.
Expected behavior:
Given an
/etc/passwd
entry with a long comment field:...logins should succeed.
Current behavior:
If one or more long
/etc/passwd
entries are present, that account and all subsequent accounts will be unable to log in.Failures look like this:
Note that the username being looked up may not appear in the log message, as the failure can be triggered by any excessively long entry earlier in the file.
OpenSSH is unaffected, presumably because it implemented the advice given in the man page:
Teleport should either retry with a longer buffer, or just use a large buffer for every lookup.
Bug details: