
I was testing some PAM rules and I noticed that all users have uid=0 (root) when they log in to the system through SSH. Could the reason be that sshd starts automatically when the server boots up? How can I avoid this?

Dec 13 08:41:56 dc01 sshd[4293]: Accepted keyboard-interactive/pam for rmartinez from 192.168.10.10 port 45924 ssh2
Dec 13 08:41:56 dc01 sshd[4293]: pam_unix(sshd:session): session opened for user rmartinez by (uid=0)
Dec 13 08:46:08 dc01 sshd[4404]: Connection from 192.168.10.10 port 45934 on 192.168.10.10 port 22
Dec 13 08:46:08 dc01 sshd[4404]: Postponed keyboard-interactive for pgambarte from 192.168.10.10 port 45934 ssh2 [preauth]
Dec 13 08:46:08 dc01 sshd[4404]: Accepted keyboard-interactive/pam for pgambarte from 192.168.10.10 port 45934 ssh2
Dec 13 08:46:08 dc01 sshd[4404]: pam_unix(sshd:session): session opened for user pgambarte by (uid=0)
Dec 13 08:46:21 dc01 sshd[4457]: Connection from 192.168.10.10 port 45936 on 192.168.10.10 port 22
Dec 13 08:46:21 dc01 sshd[4457]: Postponed keyboard-interactive for rmartinez from 192.168.10.10 port 45936 ssh2 [preauth]
Dec 13 08:46:21 dc01 sshd[4457]: Accepted keyboard-interactive/pam for rmartinez from 192.168.10.10 port 45936 ssh2
Dec 13 08:46:21 dc01 sshd[4457]: pam_unix(sshd:session): session opened for user rmartinez by (uid=0)

Thank you so much. Regards.

DRI
  • What is the uid set for those users if you type "getent passwd"? I notice that in the example the username is rmartin. The r might imply this is set up as a root account. – davidgo Dec 13 '19 at 09:49
  • SSH starting up as root does not mean users have root access when connecting via SSH. – davidgo Dec 13 '19 at 09:50
  • That's not what the log says: "session opened *for* user X *by* uid=0" not "session opened *for* user X, who *is* uid=0". If I open a door for you, that doesn't mean you are now me ;) – Piskvor left the building Dec 13 '19 at 09:58
  • Thank you for replying. rmartin is because that user is Rosa Martin. It's an LDAP user + Kerberos principal, so they are not in passwd. The uid is rmartin and the uidNumber is 10003. Piskvor, but if I set up a PAM rule (pam_rootok.so) to avoid asking for a password just for the root user (it is just an exercise, not a real environment), that rule affects everybody, because the system thinks that it is root who is trying to open the door... – DRI Dec 13 '19 at 10:11
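
One way to read these log lines along the distinction drawn in the comments, as an added example that is not part of the original thread: it separates the account a session is opened *for* from the uid of the process that opened it *by* calling PAM. The `su` and `root` lines in the sample are constructed, and the `user(uid=N)` form printed by some Linux-PAM versions is handled as an optional variant.

```python
import re

# Log lines in the format shown in the question; the su and root lines are constructed.
SAMPLE_LOG = """\
Dec 13 08:41:56 dc01 sshd[4293]: Accepted keyboard-interactive/pam for rmartinez from 192.168.10.10 port 45924 ssh2
Dec 13 08:41:56 dc01 sshd[4293]: pam_unix(sshd:session): session opened for user rmartinez by (uid=0)
Dec 13 08:46:08 dc01 sshd[4404]: Accepted keyboard-interactive/pam for pgambarte from 192.168.10.10 port 45934 ssh2
Dec 13 08:46:08 dc01 sshd[4404]: pam_unix(sshd:session): session opened for user pgambarte by (uid=0)
Dec 13 08:50:02 dc01 su[4510]: pam_unix(su:session): session opened for user root by rmartinez(uid=10003)
Dec 13 08:51:30 dc01 sshd[4600]: Accepted publickey for root from 192.168.10.10 port 45950 ssh2
Dec 13 08:51:30 dc01 sshd[4600]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
"""

ACCEPTED = re.compile(r"sshd\[(\d+)\]: Accepted (\S+) for \S+ from (\S+) port \d+")
# "for user X" is the account being logged in; "by NAME(uid=N)" is the process
# that called PAM. Some Linux-PAM versions also print the target uid after X.
OPENED = re.compile(
    r"\[(\d+)\]: pam_unix\((\w+):session\): session opened for user "
    r"(\S+?)(?:\(uid=(\d+)\))? by (\S*?)\(uid=(\d+)\)"
)

def parse_sessions(log_text):
    """Return one record per opened session, joined to sshd's Accepted line by PID."""
    accepted, sessions = {}, []
    for line in log_text.splitlines():
        if m := ACCEPTED.search(line):
            pid, method, src = m.groups()
            accepted[pid] = (method, src)
        elif m := OPENED.search(line):
            pid, service, target, target_uid, opener, opener_uid = m.groups()
            method, src = accepted.get(pid, (None, None))
            sessions.append({
                "service": service,
                "target_user": target,
                "target_uid": int(target_uid) if target_uid else None,  # None: not logged
                "opener": opener or None,        # empty for daemons such as sshd
                "opener_uid": int(opener_uid),   # uid of the process that called PAM
                "auth_method": method,
                "source": src,
            })
    return sessions

def is_root_login(session):
    """A root session is one whose *target* is root, not one opened *by* uid 0."""
    return session["target_user"] == "root" or session["target_uid"] == 0

if __name__ == "__main__":
    for s in parse_sessions(SAMPLE_LOG):
        print(s["service"], s["target_user"], "opened by uid", s["opener_uid"],
              "-> root login" if is_root_login(s) else "-> not a root login")
```

Every sshd session reports an opener uid of 0 because sshd calls PAM as root. pam_rootok tests the real uid of that calling process, which is why it passes for every user when placed in sshd's stack.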

0 Answers