adduser: what is the difference between --disabled-password and--disabled-login
adduser(8) states that
With the --disabled-login option, the account will be created but
will be disabled until a password is set. The --disabled-password
option will not set a password, but login are still possible for
example through SSH RSA keys.
I wonder what is the difference? Alternatively, how adduser accomplish
that? The relevant source lines seem to be:
} elsif ($arg eq "--disabled-password") {
$ask_passwd = 0;
$disabled_login = 0;
} elsif ($arg eq "--disabled-login") {
$ask_passwd = 0;
$disabled_login = 1;
}
if ($ask_passwd) {
&systemcall('/usr/bin/passwd', $new_name);
} else {
if(!$disabled_login) {
&systemcall('/usr/sbin/usermod', '-p', '*', $new_name);
}
}
Perhaps what I really should have asked is about the contents of
/etc/{passwd,shadow}'s password field for disabled accounts.
Reply to: