It is yet unclear what the root cause of this issue is - libpam, crypt, passwd and sudo seem like primary suspects. The 256 character password is hashed to a value which still allows a TTY login to succeed. Also, passwd run by a different user in the context of the affected user (using sudo) still works. So apparently it only breaks for the logged-in user. This may help identify the root cause.
pam_unix(8) (on bionic) states:
The maximum length of a password supported by the pam_unix module via the
helper binary is PAM_MAX_RESP_SIZE - currently 512 bytes. The rest of the
password provided by the conversation function to the module will be
ignored.
Regarding passwd, I was told this on IRC:
passwd uses getpass() to read the password from the user, and testing just
getpass() alone shows it will return up to 4095 bytes long (i.e. truncates
at that length).
It is yet unclear what the root cause of this issue is - libpam, crypt, passwd and sudo seem like primary suspects. The 256 character password is hashed to a value which still allows a TTY login to succeed. Also, passwd run by a different user in the context of the affected user (using sudo) still works. So apparently it only breaks for the logged-in user. This may help identify the root cause.
pam_unix(8) (on bionic) states:
The maximum length of a password supported by the pam_unix module via the
helper binary is PAM_MAX_RESP_SIZE - currently 512 bytes. The rest of the
password provided by the conversation function to the module will be
ignored.
Regarding passwd, I was told this on IRC:
passwd uses getpass() to read the password from the user, and testing just
getpass() alone shows it will return up to 4095 bytes long (i.e. truncates
at that length).