This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Other Technologies Server configuration Ubuntu vsftpd 530 Login incorrect root cause and solution ...
View: 45331|Reply: 0

[FTP] ubuntu vsftpd 530 Login incorrect root cause and solution

[Copy link]
Posted on 7/4/2019 3:56:31 PM | | |
1 Background analysis
Ubuntu installation VSFTPD is generally used:


My centOS service version is as follows:

[root@itsvse~]# vsftpd -version
vsftpd: version 3.0.2



After referring to the configuration of other online tutorials, if the account, password, and home directory are correct, you may encounter the issue of account login prompt 530 Login incorrect.
There are many solutions on the Internet, such as modifying the /etc/vsftpd.conf file to change pam_service_name=vsftpd to pam_service_name=ftp, which can solve this problem, but this method is actually wrong.This is because the /etc/pam.d/ftp file does not exist, equal tobypassed PAM

2 vsftpd PAM file analysis

/etc/pam.d/vsftpd 默认如下

#%PAM-1.0
session    optional     pam_keyinit.so    force revoke
auth       required        pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth       required        pam_shells.so
auth       include        password-auth
account    include        password-auth
session    required     pam_loginuid.so
session    include        password-auth

There are things that can cause 530 errors
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed


and
auth required pam_shells.so

2.1 /etc/ftpusers

auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
The meaning of this configuration item is that users in /etc/ftpusers are prohibited from logging in if the file does not exist in the default all users are allowed to log in. So make sure the user is not in this file.

2.2 pam_shells.so

auth required pam_shells.so configuration item with shell commands in the file



cat /etc/shells
# /etc/shells: valid login shells
/bin/sh
/bin/dash
/bin/bash
/bin/rbash
When creating an FTP user,In order to disable SSH login, generally /bin/false, /usr/sbin/nologinetc., obviously not a valid bash, so you can't log in.

3 Solution

1. Check /etc/ftpusers to make sure the account is not in this file.
2. Modify /etc/pam.d/vsftpd
Modify auth required pam_shells.so to ->auth required pam_nologin.so (Or comment out this line
3. Restart vsftpd


(End)




Previous:VS2017 +EF6 Connect to MYSQL database to generate entities
Next:java unzips nested files (with empty folders) with zipInputStream

Related Posts
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com