| commit | 0d96fe5a0ed65ace5a06125976a01848fd041dd2 | |
| author | Peter Avalos <pavalos@theshell.com> | |
| Mon, 29 Dec 2008 01:20:17 +0000 (28 20:20 -0500) | ||
| committer | Peter Avalos <pavalos@theshell.com> | |
| Fri, 2 Jan 2009 05:56:34 +0000 (2 00:56 -0500) | ||
| tree | 40f22c4d564d8aac047c5e09d57139a00de37752 | treesnapshot (tar.gz zip) |
| parent | 6a3bc79667bf29540b5e9b8de0838522d47e0c2f | commitdiff |
Lock out authentication if the account has been locked by pw(8).
In account management, verify whether the account has been locked
with `pw lock', so that it's impossible to log into a locked account
using an alternative authentication mechanism, such as an ssh key.
This change affects only accounts locked with pw(8), i.e., having a
`*LOCKED*' prefix in their password hash field, so people still can
use a different pattern to disable password authentication only.
Also, clean out some (void) casts and use libypclnt.
Obtained-from: FreeBSD
In account management, verify whether the account has been locked
with `pw lock', so that it's impossible to log into a locked account
using an alternative authentication mechanism, such as an ssh key.
This change affects only accounts locked with pw(8), i.e., having a
`*LOCKED*' prefix in their password hash field, so people still can
use a different pattern to disable password authentication only.
Also, clean out some (void) casts and use libypclnt.
Obtained-from: FreeBSD