问题:

登陆aix ftp服务器报530错:

530 User root access denied.
Login failed。

分析:

前一在还可以登陆,今天突然的登陆不了

怀疑被人更改了ftp配置

解决步骤:

1:确定ftp服务

2:修改配置


过程:

1:确定ftp服务

系统:

[root]:/etc>uname -a
AIX localhost 3 5 00C762D44C00

ftp:服务:

参考:http://hi.baidu.com/stevenxia/blog/item/dcada6ca340c1587c817681d.html

[root]:/etc>lssrc -t ftp
Service       Command                  Description              Status 
ftp          /usr/sbin/ftpd           ftpd                     active

结论,当前系统使用的是默认的ftpd服务


2:分析配置

查看ftpd man文档,查看相关配置内容

man ftpd

其中查到以下一些想关的配置文件:/etc/ftpaccess.ctl,/etc/ftpusers
分析发现系统中不存在这些配置文件

进一步查看man 文档,发现以下内容:

If the current authentication method is the Standard Operating system authentication method:

       Before the ftpd daemon can transfer files for a client process, it must authenticate the client process. The ftpd daemon
       authenticates client processes according to these rules:
       *    The user must have a password in the password database, /etc/security/passwd. (If the user's password is not null, the
            client process must provide that password.)
       *    The user name must not appear in the /etc/ftpusers file.
       *    The user's login shell must appear in the shells attribute of the /etc/security/login.cfg file.
       *    If the user name is anonymous, ftp or is a defined anonymous user in the /etc/ftpaccess.ctl file, an anonymous FTP
            account must be defined in the password file. In this case, the client process is allowed to log in using any
            password. By convention, the password is the name of the client host. The ftpd daemon takes special measures to
            restrict access by the client process to the anonymous account.


即在ftp登中的用户认证过程中涉及到了以下步骤

1:/etc/security/passwd. 中有进行配置

2:/etc/ftpusers 里没有出现用户

3:etc/security/login.cfg 登陆shell里必需进行配置

到此明确了问题 :前天下载安装了bash,并更新了root的登陆shell为bash

所以在etc/security/login.cfg里增加了/usr/bin/bash后,即可登陆

问题 解决

10-02 08:54