We're in the process of setting up a solution with virtual machines in OpenStack where we'll use ThinLinc for remote access with SSO based on authentication tokens from OpenStack.
However, it seems that pamtester (used by the HTML5 client service) as distributed by ThinLinc will not read more than 31 characters.
As we're using OpenStack with uuid-tokens (32 characters), we're simply working around this by trying all possible combinations for the last character but that doesn't seem like a reasonable solution for other situations (like Yubikey where the token from the Yubikey alone is 44 characters).
This is on SL 6.5, x86_64.
This is fixed in the upcoming ThinLinc release (4.3.0) which is due to arrive now in October.
*** This bug has been marked as a duplicate of bug 5212 ***