Add users with no SSH access to deniedssh group?
By default, Virtualmin will configure the SSH server to prevent logins by
users whose shells would not allow SSH access anyway. This is done by populating
the deniedssh group, and adding it to the OpenSSH configuration.
If you would like to disable this behavious, perhaps because it is not necessary
or causes domain creation to take too long, change this field to No.