Fix the length check when computing a fake challenge for users not

Fix the length check when computing a fake challenge for users not
in the S/Key database.  If the system hostname is longer than 126
characters this could result in NUL bytes being written past the
end of a stack buffer.  There is no impact on systems with a hostname
126 characters or less.  Found by Qualys.  OK deraadt@