datouboy
datouboy
2019-04-04 18:26

vsftpd 虚拟用户pam验证通不过,530 Login incorrect. (Centos7)

  • linux
  • centos

环境:Centos7.2
Vsftpd版本:3.0.2

SELinux 已关闭
防火墙已关闭
vconf目录正确,文件名正确
virtusers.db生成正确
虚拟用户用户名与vconf下文件名对应正确

本身这套配置应该没问题,因为已经配置过很多台服务器,都是使用的这套配置,唯独这台服务器,同样的配置,就不行了。

vsftpd.conf配置如下:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=002
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=NO
xferlog_file=/opt/log/vsftpd/vsftpd.log
xferlog_std_format=YES
nopriv_user=vsftpd
async_abor_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to Alex FTP service.
chroot_local_user=YES
chroot_list_enable=NO
ls_recurse_enable=NO
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=overlord
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/vconf
listen_port=21
pasv_min_port=5000
pasv_max_port=5010

pam.d/vsftpd 配置如下:

#%PAM-1.0
auth       sufficient   pam_userdb.so     db=/etc/vsftpd/virtusers
account    sufficient   pam_userdb.so     db=/etc/vsftpd/virtusers
session    optional     pam_keyinit.so    force revoke
auth       required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth       required pam_shells.so
auth       include  password-auth
account    include  password-auth
session    required     pam_loginuid.so
session    include  password-auth

FTP报错信息:

[root@debug010000002015 ~]# ftp XXX.29.190.XXX
Connected to XXX.29.190.XXX (XXX.29.190.XXX).
220 Welcome to Alex FTP service.
Name (XXX.29.190.XXX:root): dddboy
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> quit
221 Goodbye.

tail -f /var/log/secure 日志如下:

Apr 04 12:41:05 debug020000002019.local.alipay.net vsftpd[25977]: pam_unix(vsftpd:auth): check pass; user unknown
Apr 04 12:41:05 debug020000002019.local.alipay.net vsftpd[25977]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=dlex rhost=158.147.202.138
Apr 04 14:14:51 debug020000002019.local.alipay.net vsftpd[27069]: pam_unix(vsftpd:auth): check pass; user unknown
Apr 04 14:14:51 debug020000002019.local.alipay.net vsftpd[27069]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=dlex rhost=158.147.202.138
Apr 04 16:47:16 debug020000002019.local.alipay.net vsftpd[28786]: pam_unix(vsftpd:auth): check pass; user unknown
Apr 04 16:47:16 debug020000002019.local.alipay.net vsftpd[28786]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=dddboy rhost=debug020000002019.local.alipay.net
Apr 04 16:54:35 debug020000002019.local.alipay.net vsftpd[28888]: pam_unix(vsftpd:auth): check pass; user unknown
Apr 04 16:54:35 debug020000002019.local.alipay.net vsftpd[28888]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=aa rhost=debug020000002019.local.alipay.net
Apr 04 16:58:06 debug020000002019.local.alipay.net vsftpd[28933]: pam_unix(vsftpd:auth): check pass; user unknown
Apr 04 16:58:06 debug020000002019.local.alipay.net vsftpd[28933]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=dlex rhost=158.147.202.138
  • 点赞
  • 回答
  • 收藏
  • 复制链接分享

1条回答

为你推荐