I question why you want accounts without passwords when logging in via SSH and public keys does not use a password or even ask for one. Also anyone logged in can change users with only an su - <username> and not need a password. Have you tried setting PASS_MIN_LEN in /etc/login.defs to 0? Mike On 10/11/2013 03:27 AM, Michael Schultz wrote: > Thanks everyone, > > secure log tells me exactly what the problem is: > "User username not allowed because account is locked" > > Setting a password for that account unlocks it and ssh works as > expected. I guess I have to work on my account creation routine. > > > Michael > > > Am 10.10.2013 21:49, schrieb James Hogarth: >> On 10 Oct 2013 14:45, "Michael Schultz" <m.schultz@xxxxxx> wrote: >>> on a CentOS 6.4 machine I'm creating accounts with empty passwords. Each >>> user's public key is located in <user's home>/.ssh/authorized_keys. >>> >>> When trying to ssh into that machine, following error message is >> displayed: >>> Permission denied (publickey). >>> >> Check /var/log/secure on the server for more details... >> >> _______________________________________________ >> CentOS mailing list >> CentOS@xxxxxxxxxx >> http://lists.centos.org/mailman/listinfo/centos >> > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos