[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Linux locked accounts and PAM

Hi,

"Traditional" (pre-PAM) Linux software, like the 'shadow' package
providing tools such as /usr/bin/passwd, and OpenSSH in non-PAM mode
support the concept of a "locked" account being one whose crypted
password field starts with a "!" character.

In particular, an account "locked" in this fashion becomes ineligible
for ssh logins by public key, as well as by password, when used in this
manner, when OpenSSH is not using PAM.

I'd quite like to make use of this feature even when OpenSSH *is* using
PAM. Is there any existing way to configure PAM to respect this convention?

If not, would it be sensible to add it to the pam_unix
account-management module?

Thanks,
Max.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

Add to Google Powered by Linux