Current prefix for locked password is set to '!!' This might is RedHat specific. Slakware and SuSE use: '!' - account(password) can be unlocked '*' - account(password) always remain locked
What does the "lock account" command (ie passwd -l or equivalent) do?
passwd -l/-u : add/remove symbol '!' before password string passwd -S : report locked password when first symbol is '!' or '*' tested on some slackware and suse versions about '*' prefix. let account password contain '*' - passwd -S report locked after passwd -l : password is '!*' - passwd -S report locked after passwd -u : password is '*' - passwd -S report locked again after passwd -u : no changes in account state I dont have information for other distro.
I think we should just change LOCKED_PASSWD_PREFIX to "!" for all Linuxes, which will also work for Redhat. Debian, Slackware and SuSE all use the upstream "shadow" package (ftp://ftp.pld.org.pl/software/shadow) which does this to lock accounts: strcpy (newpw, "!"); strcat (newpw, cp);
Created attachment 577 [details] Use single "!" for LOCKED_PASSWD_PREFIX on Linuxes OK for 3.8.1p1?
Comment on attachment 577 [details] Use single "!" for LOCKED_PASSWD_PREFIX on Linuxes Fine by me
Patch applied, thanks for the report.
I agree with single '!' in prefix. Prefix '*' is only for always locked (usualy "system") accounts and might we can skip that case.
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1