[Bug 2050874] Re: "Illegal characters in username" breaks sftp upload

Sergio Durigan Junior 2050874 at bugs.launchpad.net
Wed Jan 24 18:50:08 UTC 2024 

Thank you for taking the time to report a bug.

As you mentioned yourself, this is indeed a security feature and not a
bug.  It would be wrong for Ubuntu (or any other GNU/Linux distro out
there, IMHO) to revert this change.

It also seems to me that your request less a "bug report" and more a
"request for help".  As such, I am taking the liberty of marking this
bug as Invalid.  My suggestion would be to look for help on the
appropriate technical forums (either Ubuntu's or upstream's).

Finally, you mentioned that using ~/.ssh/config is not ideal because
there's no obvious way to set the password.  I would strongly recommend
using key-based authentication instead.

Thank you.

** Changed in: openssh (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2050874

Title:
  "Illegal characters in username" breaks sftp upload

Status in openssh package in Ubuntu:
  Invalid

Bug description:
  A new error message appeared in 1:8.2p1-4ubuntu0.11, "remote username
  contains invalid characters".

  The underlying commit seems to be this:
  https://github.com/openbsd/src/commit/ba05a7aae989020b8d05cc93cc6200109bba5a7b

  
  I need to work with an sftp connection where the username includes "|". The lftp client uses ssh to connect, triggering the error.

  It's possible to whitelist the username by adding it to a config file
  (e.g. ~/.ssh/config), but in that case, there's no obvious way to set
  the password.

  
  I suppose this is in fact a feature more than it is a bug, but it is really inconvenient. Any hints on how to handle it would be welcome.


  Regards,
  Jakob Lund


  Ubuntu 20.04.3 LTS

  openssh-client:
    Installed: 1:8.2p1-4ubuntu0.11

  lftp:
    Installed: 4.8.4-2build3

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2050874/+subscriptions

More information about the foundations-bugs mailing list