2 Jun
2022
2 Jun
'22
1:54 p.m.
On 6/2/22 13:36, Jim Kinney wrote:
It seems if valid ssh keys exist, the expired account status doesn't block login with ssh keys.
I believe that's because *users* don't expire. *Passwords* do. If you aren't authenticating with passwords, then password expiration doesn't affect the account.
This is one of the reasons that users should consider using Kerberos, or SSH certificate systems, rather than SSH keys.