diff --git a/lib/fog/rackspace/models/compute_v2/server.rb b/lib/fog/rackspace/models/compute_v2/server.rb
index b25bc8b37..5da58987a 100644
--- a/lib/fog/rackspace/models/compute_v2/server.rb
+++ b/lib/fog/rackspace/models/compute_v2/server.rb
@@ -1,3 +1,4 @@
+# -*- coding: utf-8 -*-
 require 'fog/compute/models/server'
 require 'fog/rackspace/models/compute_v2/metadata'
 
@@ -521,13 +522,14 @@ module Fog
         # @see Servers#bootstrap
         def setup(credentials = {})
           requires :public_ip_address, :identity, :public_key, :username
-          Fog::SSH.new(public_ip_address, username, credentials).run([
+          commands = [
             %{mkdir .ssh},
             %{echo "#{public_key}" >> ~/.ssh/authorized_keys},
-            %{passwd -l #{username}},
+            password_lock,
             %{echo "#{Fog::JSON.encode(attributes)}" >> ~/attributes.json},
             %{echo "#{Fog::JSON.encode(metadata)}" >> ~/metadata.json}
-          ])
+          ].compact
+          Fog::SSH.new(public_ip_address, username, credentials).run(commands)
         rescue Errno::ECONNREFUSED
           sleep(1)
           retry
@@ -538,6 +540,10 @@ module Fog
         def adminPass=(new_admin_pass)
           @password = new_admin_pass
         end
+
+        def password_lock
+          "passwd -l #{username}" unless attributes[:no_passwd_lock] 
+        end
       end
     end
   end
diff --git a/tests/rackspace/models/compute_v2/server_tests.rb b/tests/rackspace/models/compute_v2/server_tests.rb
index 048a3ca94..65eba5574 100644
--- a/tests/rackspace/models/compute_v2/server_tests.rb
+++ b/tests/rackspace/models/compute_v2/server_tests.rb
@@ -195,7 +195,35 @@ Shindo.tests('Fog::Compute::RackspaceV2 | server', ['rackspace']) do
     end
 
     @instance.wait_for { ready? }
-   end
+  end
+
+  tests('#setup') do
+    perform_setup = lambda { |attributes|
+      Fog::SSH::Mock.data.clear
+
+      server = Fog::Compute::RackspaceV2::Server.new(attributes)
+
+      address = 123
+
+      server.ipv4_address = address
+      server.identity = "bar"
+      server.public_key = "baz"
+
+      server.setup
+
+      Fog::SSH::Mock.data[address].first[:commands]
+    }
+
+    test("leaves user unlocked only when requested") do
+      perform_setup.call(:service => service, :no_passwd_lock => true)
+                   .none? { |c| c =~ /passwd\s+-l\s+root/ } 
+    end
+
+    test("locks user by default") do
+      perform_setup.call(:service => service)
+                   .one? { |c| c =~ /passwd\s+-l\s+root/ }
+    end
+  end
 
   #When after testing resize/resize_confirm we get a 409 when we try to resize_revert so I am going to split it into two blocks
   model_tests(service.servers, options, true) do