Selective blocking of password authentication
Frank Cusack
fcusack at fcusack.com
Sat Nov 2 11:23:01 EST 2002
On Fri, Nov 01, 2002 at 03:53:58PM -0800, Darren J Moffat wrote:
> On Tue, 29 Oct 2002, Frank Cusack wrote:
>
> > If you're not willing to do the admin piece, then you can just lock
> > those users accounts, this typically prefaces their crypted passwd
> > entry with '!' thereby disabling password auth. However, this will
>
> *LK* in Solaris.
Isn't that broken? You can't unlock the person's account and restore
their old password. (Which may be desirable, but I'm not convinced
this is wise for the system to ENFORCE.)
/fc
More information about the openssh-unix-dev
mailing list