[Bug 496008] Re: public key authentication grants access even for locked accounts
man 1 passwd and reading the text regarding the -l option specifically says: Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod --expiredate 1 (this set the account´s expire date to Jan 2, 1970). So this is not a bug. Changing status to invalid. ** Changed in: openssh (Ubuntu) Status: New = Invalid -- public key authentication grants access even for locked accounts https://bugs.launchpad.net/bugs/496008 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 496008] Re: public key authentication grants access even for locked accounts
From my understanding, this is standard behavior. I also believe it's documented in the manpages. I think you can use this to restrict password authentication for particular accounts although the proper way to go about it would be to deny password authentication for everyone except those users Matched in sshd_config. But yes, it's probably unnecessary. -- public key authentication grants access even for locked accounts https://bugs.launchpad.net/bugs/496008 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs