I cannot log in with any local users on my vsftpd running on CentOS6 32-bit. The server simply reports login incorrect.
My log files look like this:
[doctorblue@guardian ~]$ sudo tail /var/log/vsftpd.log /var/log/secure
==> /var/log/vsftpd.log <==
Fri Jun 7 01:37:33 2013 [pid 2453] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:41:52 2013 [pid 2489] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:41:53 2013 [pid 2488] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:41:54 2013 [pid 2489] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:44:17 2013 [pid 678] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:44:18 2013 [pid 677] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:44:19 2013 [pid 678] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 7 01:45:39 2013 [pid 704] CONNECT: Client "188.xxx.196.134"
Fri Jun 7 01:45:51 2013 [pid 703] [doctorblue] FAIL LOGIN: Client "188.xxx.196.134"
Fri Jun 7 01:45:52 2013 [pid 704] DEBUG: Client "188.xxx.196.134", "Connection terminated without SSL shutdown - buggy client?"
==> /var/log/secure <==
Jun 7 01:31:22 guardian sshd[1742]: pam_unix(sshd:session): session closed for user doctorblue
Jun 7 01:42:53 guardian sshd[1814]: Received signal 15; terminating.
Jun 7 01:43:01 guardian sshd[568]: Server listening on 0.0.0.0 port 22.
Jun 7 01:43:01 guardian sshd[568]: Server listening on :: port 22.
Jun 7 01:43:07 guardian sshd[622]: Accepted publickey for doctorblue from 188.xxx.196.134 port 60406 ssh2
Jun 7 01:43:07 guardian sshd[622]: pam_unix(sshd:session): session opened for user doctorblue by (uid=0)
Jun 7 01:44:13 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/sbin/service vsftpd start
Jun 7 01:45:23 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/usr/bin/vim /etc/pam.d/vsftpd
Jun 7 01:45:34 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/sbin/service vsftpd restart
Jun 7 01:46:13 guardian sudo: doctorblue : TTY=pts/0 ; PWD=/home/doctorblue ; USER=root ; COMMAND=/usr/bin/tail /var/log/vsftpd.log /var/log/secure
And these are my configuration files.
==> /etc/vsftpd/vsftpd.conf <==
# Allow anonymous connections
anonymous_enable=NO
# Log logins
dual_log_enable=YES
# Allow login from system users
local_enable=YES
# Prevent people from going to off-limit areas
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
# Enable recursive file listing
ls_recurse_enable=YES
# Enable commands for writing to the filesystem
# These are: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE and SITE
write_enable=YES
# Enable standalone mode
listen=YES
# Maximum connections per IP address, helps defeat DoS attacks
max_per_ip=3
# Expect SSL handshake without request (Implicit FTPS)
implicit_ssl=NO
# SSL support
ssl_enable=YES
# Allow SSL for anonymous connections
allow_anon_ssl=NO
# Disallow insecure connections for data transfer
force_local_data_ssl=YES
# Disallow insecure connections for login
force_local_logins_ssl=YES
# Set the cipher used for encryption
ssl_ciphers=HIGH
# Enable TLS v1
ssl_tlsv1=YES
# Enable SSL v2
ssl_sslv2=NO
# Enable SSL v3
ssl_sslv3=YES
# RSA certficiate location
rsa_cert_file=/etc/vsftpd/vsftpd.pem
==> /etc/pam.d/vsftpd <==
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth required pam_shells.so
auth include password-auth
account include password-auth
session required pam_loginuid.so
session include password-auth
Answers to other questions suggest that I try commenting out auth required pam_shells.so and restart the vsftp daemon but doing so makes no difference, it still reports incorrect login, and the exact same entries appear in the log files.
