How about
sudo passwd -aS
man passwd tells us:
-a, --all
This option can be used only with -S and causes show status for all
users.
-S, --status
Display account status information. The status information
consists of 7 fields. The first field
is the user´s login name. The second
field indicates if the user account is
locked (L), has no password (NP), or
has a usable password (P). The third
field gives the date of the last
password change. The next four fields
are the minimum age, maximum age,
warning period, and inactivity period
for the password. These ages are
expressed in days.
And then to lock and unlock accounts we find this:
-l, --lock
Lock the password of the named account. This option disables a password by changing it to >a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the >password).
Note that this does not disable the account. The user may still be able to login using >another authentication token (e.g. an SSH key). To disable the account, administrators >should use usermod --expiredate 1 (this set the account´s expire date to Jan 2, 1970).
Users with a locked password are not allowed to change their password.
-u, --unlock
Unlock the password of the named account. This option re-enables a password by changing >the password back to its
previous value (to the value before using -l option, by removing the leading ´!´).
Hope this cut and paste from the man page clarifies things.
Thanks for the answer. Could you clarify this though: By 'locking' the account, this means that the user still exists on the system (i.e. can own files etc), but can no longer log into the system - right? – morpheous – 2010-08-26T10:44:01.237
Yes, that is true. Password is disabled, but login with ssh keys are still possible. – Johan – 2010-08-26T13:59:12.727