|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Max Bowsher (maxb
f2s.com)
Date: Thu Oct 02 2008 - 15:51:59 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
"Traditional" (pre-PAM) Linux software, like the 'shadow' package
providing tools such as /usr/bin/passwd, and OpenSSH in non-PAM mode
support the concept of a "locked" account being one whose crypted
password field starts with a "!" character.
In particular, an account "locked" in this fashion becomes ineligible
for ssh logins by public key, as well as by password, when used in this
manner, when OpenSSH is not using PAM.
I'd quite like to make use of this feature even when OpenSSH *is* using
PAM. Is there any existing way to configure PAM to respect this convention?
If not, would it be sensible to add it to the pam_unix
account-management module?
Thanks,
Max.
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list
- application/pgp-signature attachment: OpenPGP digital signature
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]