PAM account configuration still denies access despite a configured access.conf and an updated /etc/shadow

I have been setting up a PAM configuration for sshd; /etc/pam.d/sshd currently looks like this:

# Custom PAM config for sshd

# Disallow login if /etc/nologin exists, inherited from old sshd config
account required    pam_nologin.so

# SELinux rule. Inherited from old sshd
session [success=ok ignore=ignore module_unknown=ignore default=bad]    pam_selinux.so close

# Check username and password with custom binary
auth    [success=ok default=bad]    pam_exec.so expose_authtok /usr/bin/ssh-hash-checker

# Set the loginuid process attribute. Inherited from old sshd
session required    pam_loginuid.so

# Create a new session keyring. Inherited from old sshd
session optional    pam_keyinit.so force revoke

# Standard Un*x session setup and teardown. Inherited from old sshd
@include common-session

# MOTD. Inherited from old sshd
session optional    pam_motd.so  motd=/run/motd.dynamic
session optional    pam_motd.so noupdate

# Mail. Inherited from old sshd
session optional    pam_mail.so standard noenv

# Set up user limits from /etc/security/limits.conf. Inherited from old sshd
session required    pam_limits.so

# PAM Env. Inherited from old sshd
session required    pam_env.so # [1]

# In Debian 4.0 (etch), locale-related environment variables were moved to
# /etc/default/locale, so read that as well. Inherited from old sshd
session required    pam_env.so user_readenv=1 envfile=/etc/default/locale

# Another SELinux Rule Inherited from old sshd
session [success=ok ignore=ignore module_unknown=ignore default=bad]    pam_selinux.so  open

So far I have tested the custom binary that checks the username and password, and it appears to work correctly: as far as I can tell from the systemctl status output, the password is rejected without any other problems when incorrect login details are given.

However, on a valid login attempt I get the following in systemctl status: fatal: Access denied for user <redacted> by PAM account configuration [preauth]

After googling the problem, I found that this is usually caused by a misconfigured access.conf, so here is the current content of /etc/security/access.conf:

# Many lines of comments at the top...

# Allow root to login from wherever
+:root:ALL

# Allow <redacted> to login to SSH through PAM
+:<redacted>:ALL

# Deny access to everyone else from anywhere else
-:ALL:ALL

I have not changed any user passwords recently, and I have never manually modified /etc/shadow or /etc/passwd.

Any idea what this could be, or any further debugging steps I can take?

Answer 1

Found the answer after a lot of searching. For some reason I do not yet understand, the pam_nologin.so module kept denying access even though the /etc/nologin file does not actually exist. I will keep looking into how to make this mechanism work properly and will post a link to a second question once I find a definitive answer.

Edit: new question
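The script below is an added example; it is not part of the question or the answer above. It turns the diagnosis into three read-only checks a defender can run on a host that logs "by PAM account configuration": which modules make up the account stack of the service (in the question's /etc/pam.d/sshd that is only pam_nologin.so, and since no pam_access.so line is present, access.conf is never consulted for sshd at all), what access.conf would decide for a given user, and whether a nologin file exists. Linux-PAM's pam_nologin refuses non-root users when either /var/run/nologin or /etc/nologin exists, and systemd creates /run/nologin during boot until systemd-user-sessions.service removes it, so that path is worth checking when /etc/nologin is absent. The sample PAM stack and access.conf are constructed from the question, the user names alice, bob and carol and the group sshusers are constructed placeholders (alice stands in for <redacted>), and PAM_FILE and ACCESS_FILE are assumed variable names that can be pointed at the real files.

```shell
#!/bin/sh
# Added example (not from the question or the answer): read-only checks for the
# usual sources of "Access denied for user X by PAM account configuration".
# The sample files are constructed from the question's PAM stack and
# access.conf, with "alice" standing in for <redacted>; set PAM_FILE and
# ACCESS_FILE to /etc/pam.d/sshd and /etc/security/access.conf on a real host.
set -u

# 1. Which modules form the account stack? Only these (plus account lines in any
#    @include'd file) can produce that denial. The question's stack has no
#    pam_access.so, so its access.conf is never read for sshd.
pam_account_modules() {            # $1 = PAM service file
    sed 's/#.*//' "$1" | awk '
        $1 == "account" { for (i = 2; i <= NF; i++) if ($i ~ /\.so$/) { print $i; break } }'
}

# 2. What would pam_access decide? Rules are perm:users:origins, first match
#    wins, and a user matching no rule is allowed. Handles ALL, user names,
#    "(group)" entries and literal origins; EXCEPT and network masks are not
#    implemented, so treat the verdict as a hint for real-world files.
access_conf_verdict() {            # $1 = access.conf, $2 = user, $3 = groups, $4 = origin
    awk -F: -v user="$2" -v groups="$3" -v origin="${4:-ALL}" '
        BEGIN { found = 0 }
        /^[[:space:]]*(#|$)/ { next }
        {
            perm = $1; gsub(/[[:space:]]/, "", perm)
            nu = split($2, users, " "); no = split($3, origins, " ")
            omatch = 0
            for (k = 1; k <= no; k++) if (origins[k] == "ALL" || origins[k] == origin) omatch = 1
            if (!omatch) next
            for (i = 1; i <= nu; i++) {
                u = users[i]
                umatch = (u == "ALL" || u == user)
                if (!umatch && u ~ /^\(.*\)$/) {
                    g = substr(u, 2, length(u) - 2)
                    ng = split(groups, gl, " ")
                    for (j = 1; j <= ng; j++) if (gl[j] == g) umatch = 1
                }
                if (umatch) {
                    found = 1
                    verdict = (perm == "+") ? "allow" : "deny"
                    print verdict " by rule: " $0
                    exit
                }
            }
        }
        END { if (!found) print "allow (no matching rule)" }' "$1"
}

# 3. Is a nologin file present? Linux-PAM's pam_nologin refuses non-root users
#    if /var/run/nologin or /etc/nologin exists; systemd creates /run/nologin at
#    boot and removes it when systemd-user-sessions.service starts, so on a real
#    host call: nologin_file /run/nologin /etc/nologin
nologin_file() {                   # $@ = candidate paths; prints the first that exists
    for f in "$@"; do
        [ -e "$f" ] && { printf '%s\n' "$f"; return 0; }
    done
    return 1
}

# --- constructed sample data (stand-ins for the real files) ------------------
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cat > "$WORK/sshd" <<'EOF'
# trimmed copy of the question's stack: the only account module is pam_nologin
account required    pam_nologin.so
auth    [success=ok default=bad]    pam_exec.so expose_authtok /usr/bin/ssh-hash-checker
session required    pam_env.so # [1]
EOF
cat > "$WORK/access.conf" <<'EOF'
+:root:ALL
+:alice:ALL
+:(sshusers):ALL
-:ALL:ALL
EOF
: > "$WORK/nologin"                # stands in for a stray /run/nologin
PAM_FILE=${PAM_FILE:-$WORK/sshd}
ACCESS_FILE=${ACCESS_FILE:-$WORK/access.conf}

echo "account modules in $PAM_FILE:"; pam_account_modules "$PAM_FILE"
for u in alice bob root; do
    echo "access.conf for $u: $(access_conf_verdict "$ACCESS_FILE" "$u" "" ALL)"
done
echo "access.conf for carol (in sshusers): $(access_conf_verdict "$ACCESS_FILE" carol sshusers ALL)"
if f=$(nologin_file "$WORK/nologin" "$WORK/absent"); then
    echo "pam_nologin would deny non-root logins: $f exists"
else
    echo "no nologin file present"
fi
```

On the question's own stack the first check prints only pam_nologin.so, which narrows the denial to that module before access.conf or /etc/shadow are even considered; the third check then shows which nologin path is responsible.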
