Applies to: All versions of DirectControl on HPUX platforms.
Logging in using SSH (stock or Centrify OpenSSH) from a HP-UX machine with a username more than 8 characters fails. SSH closes connection. su works fine. If the username is 8 characters or less, SSH works fine.
HP-UX has imposed username restriction of maximum 8 characters running in either Trusted or non-Trusted mode.
In the case of non-Trusted Mode, it is possible to work around this feature by adding a file to the /etc/default directory, as described in the HP KB PCHO-23218, i.e.
Additional notes (from HP forum sites): There is an eight character limit on user logins on HP-UX 11.0, however there is a patch from HP that you can install on your system to address this issue. This is patch PHCO_21833. Centrify will not provide or take any responsibility if this patch causes other issues. The PAM libraries intentionally reject login names which are longer than 8 characters. This behavior is changed from 10.20. Some customers may want a way to bypass this restriction. Below is the resolution.
libpam_unix.1 now checks for the existence of a file in the "/etc/default" directory called:
If this file exists, then login names longer than 8 characters can be added to the zone, and then those users can login. Note the following restrictions:
1) HP has never claimed that HP-UX supports user names longer than 8 characters, and does not recommend that customers bypass the existing length checks. Doing so may cause functional and/or security problems.
2) This patch does not remove the existing user name length checks from other commands - e.g. pwck(1m), sam(1m), useradd(1m).
3) Do not enable long usernames on trusted system configurations.
4) Check if long user and group name feature enabled or not (please refer to KB-2047 for details)
The below link explains the limitation as well.
Centrify Corporation does not take any responsibility for the content or availability of this link and it was provided as a courtesy. Customers should contact the vendor if there are any further questions