Am Thu, Jun 02, 2022 at 05:17:12PM -0400 schrieb Jim Kinney:
> I have set krbPrincipalExpiration but it's not referenced as far as I can
> tell. That setting will block use of a password which is why I was thinking a
> pam setting change for sshd would pull it in. But password in pam uses the
>
I have set krbPrincipalExpiration but it's not referenced as far as I can tell.
That setting will block use of a password which is why I was thinking a pam
setting change for sshd would pull it in. But password in pam uses the same pam
functions as sshd. Is there a sssd.conf setting to also be c
On 6/2/22 13:36, Jim Kinney wrote:
It seems if valid ssh keys exist, the expired account status doesn't
block login with ssh keys.
I believe that's because *users* don't expire. *Passwords* do. If you
aren't authenticating with passwords, then password expiration doesn't
affect the account.
