User List Options
userlist_deny

This option is examined if userlist_enable is activated.

If you set this setting to NO, then users will be denied login unless they are explicitly listed in the file specified by userlist_file.

When login is denied, the denial is issued before the user is asked for a password.

default=YES