Which pam module consults /etc/security/access.conf? I have a deny clause in it but it doesn't seem to work.
In /var/log/secure, I see a
<hostname> sshd[1879]: pam_sss(sshd:auth): authentication success...
<hostname> sshd[1879]: Accepted password for ...
<hostname> sshd[1879]: pam_unix(sshd:session): session opened for user ...