> I don't think it is a bug even. Having accounts with locked passwords, but > still accessible via pubkey auth is a very useful thing. I agree, with one small caveat: Can a user unlock his own password? --Dan