All Products
Search
Document Center

When you log on to an ECS instance using SSH, the system prompts the "requirement" uid> = 1000 "not met by user" root "error

Last Updated: Sep 21, 2020

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

 

Problem description

You cannot log on to an ECS instance of the Linux system after entering the correct username and password. When the problem occurs,Management terminalYou can log on to the client by using either of the two methods, or you cannot log on by using either method. The following error messages are displayed in the secure log.

pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root".

 

Causes

PAM-related module policy configuration prohibits UID from being less than 1000To log on.

 

Solution

Relevant configurations and descriptions in this article have been tested in the CentOS 6.5 64-bit operating system. The configurations of other operating systems may be different. For more information, see the official documentation of the corresponding operating system.

  1. Use an SSH client orManagement terminalLog on to the server.
  2. PassCatCommand to view the abnormal logon mode, the corresponding PAM configuration file, please refer to the following information.
    File Feature
    /etc/pam.d/login Configuration file corresponding to the console (management Terminal)
    /etc/pam.d/sshd Log on to the corresponding configuration file
    /etc/pam.d/system-auth System global configuration file
    Note: for each application that enables PAM/Etc/pam. dEach directory has a configuration file with the same name. For example, the configuration file of the login command is/Etc/pam. d/loginTo configure a specific policy in the corresponding configuration file. Check whether the preceding configuration file contains any information similar to the following.
    auth required pam_succeed_if.so uid >= 1000
  3. UseViEditor, modify the configuration in the corresponding configuration file, delete the entire line or add # comments before the paragraph, please refer to the following information.
    Note: We recommend that you back up the files before you modify the policy configuration.
    auth        required      pam_succeed_if.so uid <= 1000      # Change policy
    # Auth required pam_succeed_if.so uid> = 1000 # cancel related configuration
  4. Try to log on to the server again.

 

Reference

For more information, see the following documents:Step-by-step troubleshooting and analysis.

 

Application scope

  • ECS