Auth failure with uid >= 1000 on fc18

Alex mysqlstudent at
Tue Mar 19 02:02:48 UTC 2013

Hi all,

I am trying to ssh into my fc18 server as root and have the following
message in syslog:

Mar 18 18:29:20 bwipropnew sshd[12473]: pam_succeed_if(sshd:auth):
requirement "uid >= 1000" not met by user "root"

I see this is defined in /etc/login.defs as well as various files in
/etc/pam.d/. I know I'm not supposed to ssh as root, but I've
configured sshd_config to only allow it from specific IPs and only
with a key.

I'm just more curious why this error message is being produced? How
does the system discern a system user from a regular user, other than
by its UID being greater than 1000? It appears to only be a warning
according to the pam.d files:

# grep 1000 password*
password-auth:auth        requisite uid >= 1000
password-auth:account     sufficient uid < 1000 quiet
password-auth-ac:auth        requisite uid >=
1000 quiet_success
password-auth-ac:account     sufficient uid < 1000 quiet

It seems sometimes I receive this error/warning while other times I
don't, so I'm really not sure what affect this is having.

Is this part of the sssd security system? Where can I find more
information about how this all works? Is this indeed only a warning at
this point?


More information about the users mailing list