On 12/23/2012 06:26 PM, Eero Volotinen wrote: > 2012/12/23 Lars Noodén <lars.noo...@gmail.com>: >> On 12/23/2012 06:01 PM, Beco wrote: >>> On Sun, Dec 23, 2012 at 11:29 AM, Lars Noodén <lars.noo...@gmail.com> wrote: >>>> >>>> Although it says that the allow/deny directives are processed in the >>>> following order DenyUsers, AllowUsers, DenyGroups, and AllowGroups, it >>>> does not say if the first match or last match is what is applied. I've >>>> tried a little experimenting and not found a way to grant exceptions >>>> through either AllowUsers or AllowGroups, but that might be just my >>>> confusion. >>>> >>>> Regards, >>>> /Lars >>>> >>> >>> I've tried your idea here. I think its not possible. >>> >>> I don't want to look one by one. There should be a way to process them in >>> batch. >>> >>> I find David's idea of editing passwd dangerous and annoying. It would >>> be ok to change a single user, but even then I would choose this way >>> with caution. >>> >>> >>> Thanks, >>> Beco. >> >> Another way would be to try 'passwd -l' to lock the accounts and then >> later use 'passwd -u' to unlock them. > > Does it also work for ssh public keys also? I think recommended way is > to use chage: http://linux.die.net/man/1/chage
Good point. 'passwd -l' does not seem to work against keys it does work against regular log in. Regards, /Lars -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/50d731e7.9020...@gmail.com