Ftp
530 Login incorrect - vsftpd w/SSL (not using PAM?)
On vsftpd running on 32-bit CentOS 6, I cannot log in as any local user. The server just reports Login incorrect.
My log files look like this:
[doctorblue@guardian ~]$ sudo tail /var/log/vsftpd.log /var/log/secure
==> /var/log/vsftpd.log <==
Fri Jun 7 01:37:33 2013 [pid 2453] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:41:52 2013 [pid 2489] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:41:53 2013 [pid 2488] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:41:54 2013 [pid 2489] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:44:17 2013 [pid 678] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:44:18 2013 [pid 677] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:44:19 2013 [pid 678] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:45:39 2013 [pid 704] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:45:51 2013 [pid 703] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:45:52 2013 [pid 704] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"

==> /var/log/secure <==
Jun 7 01:31:22 guardian sshd[1742]: pam_unix(sshd:session): session closed for user doctorblue
Jun 7 01:42:53 guardian sshd[1814]: Received signal 15; terminating.
Jun 7 01:43:01 guardian sshd[568]: Server listening on 0.0.0.0 port 22.
Jun 7 01:43:01 guardian sshd[568]: Server listening on :: port 22.
Jun 7 01:43:07 guardian sshd[622]: Accepted publickey for doctorblue from 188.xxx.196.134 port 60406 ssh2
Jun 7 01:43:07 guardian sshd[622]: pam_unix(sshd:session): session opened for user doctorblue by (uid=0)
Jun 7 01:44:13 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/sbin/service vsftpd start
Jun 7 01:45:23 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/usr/bin/vim /etc/pam.d/vsftpd
Jun 7 01:45:34 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/sbin/service vsftpd restart
Jun 7 01:46:13 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/usr/bin/tail /var/log/vsftpd.log /var/log/secure
These are my configuration files.
==> /etc/vsftpd/vsftpd.conf <==
# Allow anonymous connections
anonymous_enable=NO

# Log logins
dual_log_enable=YES

# Allow login from system users
local_enable=YES

# Prevent people from going to off-limit areas
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list

# Enable recursive file listing
ls_recurse_enable=YES

# Enable commands for writing to the filesystem
# These are: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE and SITE
write_enable=YES

# Enable standalone mode
listen=YES

# Maximum connections per IP address, helps defeat DoS attacks
max_per_ip=3

# Expect SSL handshake without request (Implicit FTPS)
implicit_ssl=NO

# SSL support
ssl_enable=YES

# Allow SSL for anonymous connections
allow_anon_ssl=NO

# Disallow insecure connections for data transfer
force_local_data_ssl=YES

# Disallow insecure connections for login
force_local_logins_ssl=YES

# Set the cipher used for encryption
ssl_ciphers=HIGH

# Enable TLS v1
ssl_tlsv1=YES

# Enable SSL v2
ssl_sslv2=NO

# Enable SSL v3
ssl_sslv3=YES

# RSA certificate location
rsa_cert_file=/etc/vsftpd/vsftpd.pem

==> /etc/pam.d/vsftpd <==
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth required pam_shells.so
auth include password-auth
account include password-auth
session required pam_loginuid.so
session include password-auth
Answers to other questions suggested that I try commenting out
auth required pam_shells.so
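and restarting the vsftp daemon, but doing so made no difference: it still reports an incorrect login, and exactly the same entries appear in the log files.
I can no longer troubleshoot the problem, because I fixed it by reinstalling the virtual machine.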
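
A diagnostic sketch for the question raised in the title, added here as an example and not part of the original post: it pairs each FAIL LOGIN line in vsftpd.log with any PAM entry logged to /var/log/secure within a few seconds, to show whether a PAM module left a trace for that attempt. The function names and the 5-second window are assumptions; the sample lines are copied from the logs above, and the pattern relies on the `module(service:type)` tag seen in the sshd entries.

```python
import re
from datetime import datetime, timedelta

# Sample lines copied from the logs in the question above.
VSFTPD_LOG = """\
Fri Jun 7 01:41:52 2013 [pid 2489] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:41:53 2013 [pid 2488] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:44:18 2013 [pid 677] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:45:51 2013 [pid 703] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
"""
SECURE_LOG = """\
Jun 7 01:31:22 guardian sshd[1742]: pam_unix(sshd:session): session closed for user doctorblue
Jun 7 01:43:07 guardian sshd[622]: pam_unix(sshd:session): session opened for user doctorblue by (uid=0)
Jun 7 01:44:13 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/sbin/service vsftpd start
"""

FAIL_RE = re.compile(r"^(\w{3} \w{3} +\d+ [\d:]{8} \d{4}) \[pid \d+\] \[(\S+)\] FAIL LOGIN")
PAM_RE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ [^:]+: (pam_\w+)\(([\w-]+):\w+\)")

def failed_logins(vsftpd_log):
    """Yield (timestamp, user) for every FAIL LOGIN line."""
    for line in vsftpd_log.splitlines():
        m = FAIL_RE.match(line)
        if m:
            yield datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y"), m.group(2)

def pam_events(secure_log, year):
    """Yield (timestamp, module, service) for PAM lines; syslog omits the year."""
    for line in secure_log.splitlines():
        m = PAM_RE.match(line)
        if m:
            ts = datetime.strptime(f"{m.group(1)} {year}", "%b %d %H:%M:%S %Y")
            yield ts, m.group(2), m.group(3)

def correlate(vsftpd_log, secure_log, window=5):
    """Map each failed login to the PAM (module, service) pairs logged within `window` seconds."""
    report = []
    for ts, user in failed_logins(vsftpd_log):
        near = [(mod, svc) for pts, mod, svc in pam_events(secure_log, ts.year)
                if abs(pts - ts) <= timedelta(seconds=window)]
        report.append((ts.isoformat(), user, near))
    return report

if __name__ == "__main__":
    for ts, user, near in correlate(VSFTPD_LOG, SECURE_LOG):
        print(ts, user, near or "no PAM entry near this failure")
```

An empty list for a failure is a hint rather than proof that the PAM stack in /etc/pam.d/vsftpd was not the one consulted, since not every PAM module writes a log line when it rejects a login.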