I would like to achieve the following scenario. When the password is expired the user can log on with a valid ssh key. On SLE 15 and older EL7 the following is possible via no_pass_expiry:
account required pam_nologin.so account sufficient pam_unix.so no_pass_expiry account include password-auth password sufficient pam_unix.so no_pass_expiry password include password-auth
But I have not managed to figure out how to do it in SLE12. When I browse
man 8 pam_unix it misses this
no_pass_expiry entry on SLE12.
Shall I understand it is not possible to achieve such a goal on SLE12?