[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Linux locked accounts and PAM

From: Thorsten Kukuk <kukuk suse de>
To: pam-list redhat com
Subject: Re: Linux locked accounts and PAM
Date: Fri, 3 Oct 2008 00:57:55 +0200

On Thu, Oct 02, Max Bowsher wrote:

> Hi,
> 
> "Traditional" (pre-PAM) Linux software, like the 'shadow' package
> providing tools such as /usr/bin/passwd, and OpenSSH in non-PAM mode
> support the concept of a "locked" account being one whose crypted
> password field starts with a "!" character.

This has nothing to do with PAM.
 
> In particular, an account "locked" in this fashion becomes ineligible
> for ssh logins by public key, as well as by password, when used in this
> manner, when OpenSSH is not using PAM.
> 
> I'd quite like to make use of this feature even when OpenSSH *is* using
> PAM. Is there any existing way to configure PAM to respect this convention?

On openSUSE you can use "usermod -L" or "passwd -l" for this.
 
  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)

Follow-Ups:
- Re: Linux locked accounts and PAM
  - From: Max Bowsher

References:
- Linux locked accounts and PAM
  - From: Max Bowsher

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]