diff --git a/internal/security/validation.go b/internal/security/validation.go
index 437c980..4354d56 100644
--- a/internal/security/validation.go
+++ b/internal/security/validation.go
@@ -188,10 +188,10 @@ func (iv *InputValidator) ValidateSSHUser(username string) error {
 		return fmt.Errorf("SSH username too long: %d characters (max %d)", len(username), MaxSSHUserLength)
 	}
 
-	// SSH usernames should only contain alphanumeric characters, hyphens, and underscores
-	validUserRegex := regexp.MustCompile(`^[a-zA-Z0-9_\-]+$`)
+	// SSH usernames should only contain alphanumeric characters, hyphens, underscores, and dots
+	validUserRegex := regexp.MustCompile(`^[a-zA-Z0-9_\-\.]+$`)
 	if !validUserRegex.MatchString(username) {
-		return fmt.Errorf("SSH username contains invalid characters (only alphanumeric, hyphen, underscore allowed)")
+		return fmt.Errorf("SSH username contains invalid characters (only alphanumeric, hyphen, underscore, dot allowed)")
 	}
 
 	// Cannot start with hyphen or number
diff --git a/internal/security/validation_test.go b/internal/security/validation_test.go
index 00ec7e4..be45798 100644
--- a/internal/security/validation_test.go
+++ b/internal/security/validation_test.go
@@ -191,6 +191,8 @@ func TestValidateSSHUser(t *testing.T) {
 		{"valid_with_hyphen", "user-name", false, ""},
 		{"valid_with_numbers", "user123", false, ""},
 		{"valid_mixed", "my_user-123", false, ""},
+		{"valid_with_dot", "user.name", false, ""},
+		{"valid_with_multiple_dots", "first.last.name", false, ""},
 
 		// Invalid usernames
 		{"empty_username", "", true, "cannot be empty"},
@@ -199,7 +201,6 @@ func TestValidateSSHUser(t *testing.T) {
 		{"starts_with_number", "1user", true, "cannot start with hyphen or number"},
 		{"invalid_chars_space", "user name", true, "invalid characters"},
 		{"invalid_chars_special", "user@host", true, "invalid characters"},
-		{"invalid_chars_dot", "user.name", true, "invalid characters"},
 		{"invalid_chars_slash", "user/name", true, "invalid characters"},
 	}