X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=dYAkF+Uehg/kGnnm
	BpczL1iSpQRmPP3jLMNZ5XAqd0qmw70JAANqvLnXH/Cfs/7lRsLS4AcLXcUnuyvZ
	o95b0viIYwKcWBzDLSfmlDCs3xB0ul/Kd7e6A4abRkWkH7jHfPplKhos6hGQuqnw
	sary1AnDSuH3GOyAUvldl9DuI/k=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=jeEe2723qfGxXc+xg7ixyf
	d8Xog=; b=VwbAmHunUCVjoQV4jpCeyBcUbtMcBIpzGnFP6DSj+A7QU5aA9kFuJo
	51GJNrSiR61K5pGs1UpUQ8uQvpa6vdiR+diuz6voqw+EdH1EfNlmgKgkNck9Mx7E
	zGSoSZaa6NREONlHzz5hpSFkRdnVR6/sxcP50kaWrmJVdupULc68o=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: =?ISO-8859-1?Q?No, score=-0.9 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.2 spammy=8:t, 8:un, 8:ha, 8:=c3=a4?=
X-HELO: mout.kundenserver.de
Subject: Re: sshd permits logon using disabled user?
To: cygwin AT cygwin DOT com
References: <CANV9t=SSyof86c5Yz3tNhwj4To=eKnrmveQcr59ZmMY-X9_txA AT mail DOT gmail DOT com> <20190124154533 DOT GK2802 AT calimero DOT vinschen DOT de> <CANV9t=RtGmpkogw0J7oCME+f4GNkeWo=QSJZFA_jOqyBxPLLdw AT mail DOT gmail DOT com>
From: Stefan Baur <X2Go-ML-1 AT baur-itcs DOT de>
Openpgp: preference=signencrypt
Message-ID: <1b1ba104-977f-7297-6d8e-1b456acae305@baur-itcs.de>
Date: Thu, 24 Jan 2019 18:57:59 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <CANV9t=RtGmpkogw0J7oCME+f4GNkeWo=QSJZFA_jOqyBxPLLdw@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-IsSubscribed: yes

Am 24.01.19 um 18:52 schrieb Bill Stewart:
> If you want to have an account that does not require a password, there is a
> separate flag for that - PASSWD_NOTREQD - although setting this may be
> prohibited by policy.

That sounds like the total opposite - allowing login without a password.

Now, if there was a flag PASSWD_NOTPERMITTED or something like that,
then we'd be able to emulate what can be done on Linux with "passwd -l
username" and an ssh key file.

Kind Regards,
Stefan Baur

-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple