Instead of a traditional authorized_keys file on my server, I'm using a custom key verifier which sshd calls via the AuthorizedKeysCommand option. In the sshd_config, I can specify that this command should be fed the user's public key as an argument, like so:
AuthorizedKeysCommand /path/to/verifier %kThe problem is that the key encodes a lot of additional data and so can be quite large. If it's bigger than around 4135 bytes, sshd logs a fatal error while expanding the %k token:
sshd[5914]: fatal: percent_expand: string too longI've been combing through the source code of percent_expand and I don't see anywhere where this string too long error might be encountered. It appears that there is some kind of limit on the token size, but what is it? Where is it defined?
