Does sshd use PAM's "account" (authorization) mechanism (as opposed to "auth" (authentication)) when UsePam is enabled? If so then pam_unix should be able to say "ah, the password starts with a !, therefore the account is disabled"... according to Steve Langasek[0] this is the case. [0] http://groups.google.co.uk/group/linux.debian.devel/msg/a54962f20531e4b8 -- Sam Morris http://robots.org.uk/ PGP key id 1024D/5EA01078 3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
Attachment:
signature.asc
Description: This is a digitally signed message part