Username checking for VPS user

dragonxi

Can you examine whether the opalstack server checks a VPS username keyed for FileZilla client as it should do it ?

For example if the VPS username xxxx is the right username, the opalstack server accepts it which is ok i.e
the name xxxx is ok and the length 4 is ok.

Problem:
The opalstack server seems to accept also user names which just contain the string xxxx,
for example
xxxx/
xxxx//
xxxx///
Questions:
(1) which software/system causes this error ?
(2) does Thunderbird send xxxx even if
xxxx/ is keyed in ?
(3)
Does fpm-php software pass only xxxx
even if xxxx/ is sent from thunderbird client ?
(4) Is / a special character in vps username ?
(5) does the opalstack server check that VPS username defined in its the configuration:
(a) has the same length
(b) has exactly the same string
as that given by a vps user with Filezilla ?

sean

dragonxi

SFTP authentication is handled by the sshd service. It won't accept an invalid username like xxxx/.

Are you certain that you're looking at the Username field in your SFTP client? What you've described sounds more like a filesystem path, like the "initial working directory" or similar in your settings on a pathbar in the UI. /home/xxxx//// is a valid path so if that's what you're seeing then its normal for you to be able to access that path in SFTP while logged in as xxxx.
Thunderbird doesn't have anything to do with SFTP logins, but as far as I know it will send whatever username you've specified in your Thunderbird account settings when it connects to your mail server.
PHP-FPM doesn't have anything to do with Thunderbird, and neither of them have anything to do with FTP logins.
/ is not a legal character for a shell user name.
Yes, the sshd service verifies that your username is correct before it lets you log in. If it is not correct then you won't be logged in.

dragonxi

Yes, it is the Username field.

We sent you two examples with screenshots taken from two different workstations each having a different OS and different filezilla version.

Hopefully the emails help you to analyze.

sean

dragonxi ok, I don't have Filezilla installed but I've tested SSH and SFTP logins at the command line using a slash at the end of my username and, much to my surprise, I was able to log in.

According the the SSH logs, the slash and any following characters are discarded after login so you're still logged in as the correct user.

The same thing happens using a colon, eg: ssh xxxx:foo@opa1.opalstack.com logs in to opal1 as xxxx.

I very strongly suspect that this is by design (the syntax seems similar to Windows domain authentication) and I'll post here when I can locate some documentation to back that up. In the meantime I don't believe that there is any cause for concern.

I learned something new today, sorry for not giving you the benefit of the doubt 🙂