Bugzilla – Bug 911
Pasting sudo password results in failed login
Last modified: 2019-12-14 06:24:05 MST
Usecase: I usually log in into my remote hosts via ssh keys (encrypted) and as an added security measure i use a different password for sudo privilege escalation. The root user is locked and my login user is only accessible via ssh keys. Problem introduction: Some time ago i started not being able to copy and paste the password from my password manager (keepassxc) into the sudo password prompt (on the remote machine which i access via ssh), unfortunately i'm not able to identify the specific release that introduced this issue. After pasting the password in and pressing enter the login fails. Why don't i just type in the password? Well i use strong passwords >=256 characters (ExtendedASCII included) and its not feasible in a timely manner to type them in. (I use keepassxc in order to keep them safe and generate a new one very often) Expected behavior: The user should be able to paste the password in the prompt. Security implications: It doesn't have to be implemented by default, it could also be a separate setting.
This is probably because sudo is using a 256 byte buffer when reading input. If your password is > 255 chars you won't be able to enter it.
(In reply to Todd C. Miller from comment #1) > This is probably because sudo is using a 256 byte buffer when > reading input. If your password is > 255 chars you won't be able to > enter it. Reducing the length of the password seems to work. I wasn't able though to go over 170 chars though. I don't know how ExtendedASCII characters are encoded on linux but if they use up 12 bit that cap makes sense. 256 bytes (2048bit) / 12bit = ~170 characters Being a edge usecase i guess there's no point in fixing it, i will just stick with shorter passwords. Thanks for the help! Have a nice day.