When using RADIUS as system user-auth backend this does not apply to the console-server which uses dropbear for the SSH to RS232 mapping.
Main reason is that default Debian Dropbear is not compiled with libpam support.- `/sbin/radius_shell`was not listed as an allowed shell
- `dropbear` returns: `Feb 14 14:56:15 vyos dropbear[4844]: User account 'username' is locked`