On Thu, Oct 02, Max Bowsher wrote: > Hi, > > "Traditional" (pre-PAM) Linux software, like the 'shadow' package > providing tools such as /usr/bin/passwd, and OpenSSH in non-PAM mode > support the concept of a "locked" account being one whose crypted > password field starts with a "!" character. This has nothing to do with PAM. > In particular, an account "locked" in this fashion becomes ineligible > for ssh logins by public key, as well as by password, when used in this > manner, when OpenSSH is not using PAM. > > I'd quite like to make use of this feature even when OpenSSH *is* using > PAM. Is there any existing way to configure PAM to respect this convention? On openSUSE you can use "usermod -L" or "passwd -l" for this. Thorsten -- Thorsten Kukuk, Project Manager/Release Manager SLES SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg GF: Markus Rex, HRB 16746 (AG Nuernberg) _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
