=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.023717] audit: type=1327 audit(1696274516.126:2040): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F76786C616E00696E6772657373007072696F00310068616E646C65003100627066006461006F626A006270665F6F7665726C61792E6F007365630066726F6D2D6F7665726C6179 [ 138.029573] audit: type=1334 audit(1696274516.127:2041): prog-id=823 op=UNLOAD [ 138.036481] audit: type=1334 audit(1696274516.127:2042): prog-id=824 op=LOAD [ 138.041112] audit: type=1300 audit(1696274516.127:2042): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7fff0363fa60 a2=80 a3=0 items=0 ppid=3803 pid=3894 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.048396] audit: type=1327 audit(1696274516.127:2042): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F76786C616E00696E6772657373007072696F00310068616E646C65003100627066006461006F626A006270665F6F7665726C61792E6F007365630066726F6D2D6F7665726C6179 [ 138.055754] audit: type=1334 audit(1696274516.128:2043): prog-id=824 op=UNLOAD [ 138.057492] audit: type=1334 audit(1696274516.128:2044): prog-id=825 op=LOAD [ 138.059520] audit: type=1300 audit(1696274516.128:2044): arch=c000003e syscall=321 success=yes exit=8 a0=5 a1=7fff0363f740 a2=80 a3=0 items=0 ppid=3803 pid=3894 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:56 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 139.104104] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:57 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:58 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 141.269374] eth0: renamed from tmpe3012 [ 141.274010] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 141.275929] IPv6: ADDRCONF(NETDEV_CHANGE): lxc76b6220c1ff3: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:59 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:00 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 143.014356] kauditd_printk_skb: 2193 callbacks suppressed [ 143.014359] audit: type=1400 audit(1696274521.128:3061): avc: denied { confidentiality } for pid=4297 comm="bpftool" lockdown_reason="use of bpf to read kernel RAM" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=0 [ 143.023774] audit: type=1300 audit(1696274521.128:3061): arch=c000003e syscall=321 success=no exit=-22 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.033161] audit: type=1327 audit(1696274521.128:3061): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.049897] audit: type=1400 audit(1696274521.128:3062): avc: denied { confidentiality } for pid=4297 comm="bpftool" lockdown_reason="use of bpf to read kernel RAM" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=0 [ 143.056769] audit: type=1300 audit(1696274521.128:3062): arch=c000003e syscall=321 success=no exit=-22 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.067837] audit: type=1327 audit(1696274521.128:3062): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.072027] audit: type=1334 audit(1696274521.128:3063): prog-id=1271 op=LOAD [ 143.077328] audit: type=1300 audit(1696274521.128:3063): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.092090] audit: type=1327 audit(1696274521.128:3063): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.106102] audit: type=1334 audit(1696274521.137:3064): prog-id=1271 op=UNLOAD [ 146.754281] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 147.525862] eth0: renamed from tmpe2893 [ 147.537376] IPv6: ADDRCONF(NETDEV_CHANGE): lxcfda0bf61bb43: link becomes ready [ 148.633736] kauditd_printk_skb: 2274 callbacks suppressed [ 148.633739] audit: type=1106 audit(1696274526.747:4101): pid=4702 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.647716] audit: type=1104 audit(1696274526.747:4102): pid=4702 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.656029] audit: type=1131 audit(1696274526.750:4103): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.28.226:22-139.178.89.65:44764 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:07 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:08 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:09 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 158.659631] audit: type=1130 audit(1696274536.774:4104): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.28.226:22-139.178.89.65:56226 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.835481] audit: type=1101 audit(1696274536.950:4105): pid=4770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.845471] audit: type=1103 audit(1696274536.960:4106): pid=4770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.852950] audit: type=1006 audit(1696274536.960:4107): pid=4770 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 158.866373] audit: type=1300 audit(1696274536.960:4107): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff7557b4a0 a2=3 a3=0 items=0 ppid=1 pid=4770 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.873888] audit: type=1327 audit(1696274536.960:4107): proctitle=737368643A20636F7265205B707269765D [ 158.876810] audit: type=1105 audit(1696274536.987:4108): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.883508] audit: type=1103 audit(1696274536.989:4109): pid=4773 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.093345] audit: type=1106 audit(1696274537.208:4110): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.107599] audit: type=1104 audit(1696274537.208:4111): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.789005] kauditd_printk_skb: 1 callbacks suppressed [ 163.789007] audit: type=1334 audit(1696274541.904:4113): prog-id=1688 op=LOAD [ 163.791657] audit: type=1300 audit(1696274541.904:4113): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a618de0 a2=74 a3=7ffd1a618de0 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.798950] audit: type=1327 audit(1696274541.904:4113): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 163.801656] audit: type=1334 audit(1696274541.904:4114): prog-id=1688 op=UNLOAD [ 163.803221] audit: type=1334 audit(1696274541.904:4115): prog-id=1689 op=LOAD [ 163.804938] audit: type=1300 audit(1696274541.904:4115): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a617e60 a2=90 a3=2 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.812522] audit: type=1327 audit(1696274541.904:4115): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 163.815335] audit: type=1334 audit(1696274541.906:4116): prog-id=1689 op=UNLOAD [ 163.818032] audit: type=1334 audit(1696274541.906:4117): prog-id=1690 op=LOAD [ 163.819490] audit: type=1300 audit(1696274541.906:4117): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a617e60 a2=90 a3=2 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.556354] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 167.999666] eth0: renamed from tmp8a5bd [ 168.007964] IPv6: ADDRCONF(NETDEV_CHANGE): lxc528a005cf20c: link becomes ready [ 169.117317] kauditd_printk_skb: 4190 callbacks suppressed [ 169.117320] audit: type=1130 audit(1696274547.231:6035): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.28.226:22-139.178.89.65:45744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.181765] audit: type=1334 audit(1696274547.295:6036): prog-id=2515 op=LOAD [ 169.183462] audit: type=1300 audit(1696274547.295:6036): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffdd9f8e9a0 a2=74 a3=7ffdd9f8e9a0 items=0 ppid=4812 pid=5291 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.200022] audit: type=1327 audit(1696274547.295:6036): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 169.210769] audit: type=1334 audit(1696274547.296:6037): prog-id=2515 op=UNLOAD [ 169.214338] audit: type=1334 audit(1696274547.296:6038): prog-id=2516 op=LOAD [ 169.216241] audit: type=1300 audit(1696274547.296:6038): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffdd9f8e930 a2=80 a3=0 items=0 ppid=4812 pid=5291 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.225433] audit: type=1327 audit(1696274547.296:6038): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 169.233130] audit: type=1334 audit(1696274547.298:6039): prog-id=2516 op=UNLOAD [ 169.233195] audit: type=1334 audit(1696274547.298:6040): prog-id=2517 op=LOAD This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:28 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:29 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 179.881328] kauditd_printk_skb: 115 callbacks suppressed [ 179.881332] audit: type=1130 audit(1696274557.996:6092): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.28.226:22-139.178.89.65:50436 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 180.060314] audit: type=1101 audit(1696274558.174:6093): pid=5344 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.067033] audit: type=1103 audit(1696274558.181:6094): pid=5344 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.074826] audit: type=1006 audit(1696274558.181:6095): pid=5344 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 180.078482] audit: type=1300 audit(1696274558.181:6095): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffde5d0cc00 a2=3 a3=0 items=0 ppid=1 pid=5344 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 180.085096] audit: type=1327 audit(1696274558.181:6095): proctitle=737368643A20636F7265205B707269765D [ 180.102618] audit: type=1105 audit(1696274558.217:6096): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.109879] audit: type=1103 audit(1696274558.223:6097): pid=5347 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.306925] audit: type=1106 audit(1696274558.422:6098): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.336578] audit: type=1104 audit(1696274558.422:6099): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.508198] kauditd_printk_skb: 23 callbacks suppressed [ 192.508201] audit: type=1130 audit(1696274570.624:6119): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.28.226:22-139.178.89.65:52142 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 192.682390] audit: type=1101 audit(1696274570.798:6120): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.691524] audit: type=1103 audit(1696274570.806:6121): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.698920] audit: type=1006 audit(1696274570.806:6122): pid=5395 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 192.709782] audit: type=1300 audit(1696274570.806:6122): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc7f043b30 a2=3 a3=0 items=0 ppid=1 pid=5395 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 192.722317] audit: type=1327 audit(1696274570.806:6122): proctitle=737368643A20636F7265205B707269765D [ 192.724967] audit: type=1105 audit(1696274570.834:6123): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.733011] audit: type=1103 audit(1696274570.837:6124): pid=5398 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.933681] audit: type=1106 audit(1696274571.049:6125): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.943651] audit: type=1104 audit(1696274571.049:6126): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.520689] kauditd_printk_skb: 4178 callbacks suppressed [ 197.520692] audit: type=1325 audit(1696274575.636:8053): table=mangle:430 family=2 entries=1 op=nft_unregister_chain pid=5855 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.527503] audit: type=1300 audit(1696274575.636:8053): arch=c000003e syscall=46 success=yes exit=116 a0=3 a1=7ffde2ee9c30 a2=0 a3=7ffde2ee9c1c items=0 ppid=5427 pid=5855 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.535551] audit: type=1327 audit(1696274575.636:8053): proctitle=69707461626C6573002D770035002D74006D616E676C65002D58004F4C445F43494C49554D5F5052455F6D616E676C65 [ 197.538796] audit: type=1325 audit(1696274575.647:8054): table=raw:431 family=2 entries=1 op=nft_unregister_chain pid=5859 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.551436] audit: type=1300 audit(1696274575.647:8054): arch=c000003e syscall=46 success=yes exit=108 a0=3 a1=7fff487a2f00 a2=0 a3=7fff487a2eec items=0 ppid=5427 pid=5859 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.558897] audit: type=1327 audit(1696274575.647:8054): proctitle=69707461626C6573002D770035002D7400726177002D58004F4C445F43494C49554D5F5052455F726177 [ 197.569607] audit: type=1325 audit(1696274575.685:8055): table=filter:432 family=2 entries=1 op=nft_unregister_chain pid=5863 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.574389] audit: type=1300 audit(1696274575.685:8055): arch=c000003e syscall=46 success=yes exit=112 a0=3 a1=7fff20f2f720 a2=0 a3=7fff20f2f70c items=0 ppid=5427 pid=5863 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.586788] audit: type=1327 audit(1696274575.685:8055): proctitle=69707461626C6573002D770035002D740066696C746572002D58004F4C445F43494C49554D5F464F5257415244 [ 197.590926] audit: type=1400 audit(1696274575.706:8056): avc: denied { open } for pid=5427 comm="cilium-agent" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=0 [ 197.700754] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 198.063934] eth0: renamed from tmp16764 [ 198.073147] IPv6: ADDRCONF(NETDEV_CHANGE): lxccccf72bcbf3d: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:58 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:59 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:00 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 202.957726] kauditd_printk_skb: 5 callbacks suppressed [ 202.957728] audit: type=1130 audit(1696274581.073:8058): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.28.226:22-139.178.89.65:48154 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 203.163786] audit: type=1101 audit(1696274581.279:8059): pid=5942 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.175478] audit: type=1103 audit(1696274581.290:8060): pid=5942 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.184012] audit: type=1006 audit(1696274581.291:8061): pid=5942 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 203.196795] audit: type=1300 audit(1696274581.291:8061): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe34ba3160 a2=3 a3=0 items=0 ppid=1 pid=5942 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 203.223657] audit: type=1327 audit(1696274581.291:8061): proctitle=737368643A20636F7265205B707269765D [ 203.227871] audit: type=1105 audit(1696274581.337:8062): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.234934] audit: type=1103 audit(1696274581.341:8063): pid=5945 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.592063] audit: type=1106 audit(1696274581.707:8064): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.599451] audit: type=1104 audit(1696274581.712:8065): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.616526] kauditd_printk_skb: 1 callbacks suppressed [ 213.616529] audit: type=1130 audit(1696274591.732:8067): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.28.226:22-139.178.89.65:49082 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 213.784100] audit: type=1101 audit(1696274591.899:8068): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.790935] audit: type=1103 audit(1696274591.906:8069): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.797157] audit: type=1006 audit(1696274591.906:8070): pid=5969 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 213.803113] audit: type=1300 audit(1696274591.906:8070): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb7e11810 a2=3 a3=0 items=0 ppid=1 pid=5969 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 213.812450] audit: type=1327 audit(1696274591.906:8070): proctitle=737368643A20636F7265205B707269765D [ 213.815240] audit: type=1105 audit(1696274591.924:8071): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.821678] audit: type=1103 audit(1696274591.926:8072): pid=5972 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 214.006073] audit: type=1106 audit(1696274592.121:8073): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 214.022426] audit: type=1104 audit(1696274592.121:8074): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.031814] kauditd_printk_skb: 1 callbacks suppressed [ 224.031817] audit: type=1130 audit(1696274602.149:8076): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.28.226:22-139.178.89.65:42162 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 224.203143] audit: type=1101 audit(1696274602.320:8077): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.209588] audit: type=1103 audit(1696274602.326:8078): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.215255] audit: type=1006 audit(1696274602.326:8079): pid=5982 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 224.219390] audit: type=1300 audit(1696274602.326:8079): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff6df69590 a2=3 a3=0 items=0 ppid=1 pid=5982 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 224.227101] audit: type=1327 audit(1696274602.326:8079): proctitle=737368643A20636F7265205B707269765D [ 224.234984] audit: type=1105 audit(1696274602.352:8080): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.241599] audit: type=1103 audit(1696274602.354:8081): pid=5985 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.417493] audit: type=1106 audit(1696274602.534:8082): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.426359] audit: type=1104 audit(1696274602.542:8083): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.441978] kauditd_printk_skb: 1 callbacks suppressed [ 234.441981] audit: type=1130 audit(1696274612.558:8085): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.28.226:22-139.178.89.65:44884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 234.625080] audit: type=1101 audit(1696274612.741:8086): pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.632177] audit: type=1103 audit(1696274612.748:8087): pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.638381] audit: type=1006 audit(1696274612.749:8088): pid=6008 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 234.641738] audit: type=1300 audit(1696274612.749:8088): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdbbcca0c0 a2=3 a3=0 items=0 ppid=1 pid=6008 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 234.649055] audit: type=1327 audit(1696274612.749:8088): proctitle=737368643A20636F7265205B707269765D [ 234.657999] audit: type=1105 audit(1696274612.774:8089): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.664943] audit: type=1103 audit(1696274612.774:8090): pid=6011 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.872356] audit: type=1106 audit(1696274612.988:8091): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.887596] audit: type=1104 audit(1696274612.989:8092): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 244.896112] kauditd_printk_skb: 1 callbacks suppressed [ 244.896115] audit: type=1130 audit(1696274623.014:8094): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.28.226:22-139.178.89.65:53950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 245.065061] audit: type=1101 audit(1696274623.183:8095): pid=6032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.073022] audit: type=1103 audit(1696274623.191:8096): pid=6032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.080305] audit: type=1006 audit(1696274623.191:8097): pid=6032 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 245.092790] audit: type=1300 audit(1696274623.191:8097): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff47b36180 a2=3 a3=0 items=0 ppid=1 pid=6032 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 245.123778] audit: type=1327 audit(1696274623.191:8097): proctitle=737368643A20636F7265205B707269765D [ 245.127028] audit: type=1105 audit(1696274623.232:8098): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.134517] audit: type=1103 audit(1696274623.236:8099): pid=6035 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.346666] audit: type=1106 audit(1696274623.464:8100): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.356123] audit: type=1104 audit(1696274623.464:8101): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 250.228369] kauditd_printk_skb: 1 callbacks suppressed [ 250.228371] audit: type=1334 audit(1696274628.345:8103): prog-id=3366 op=LOAD [ 250.232036] audit: type=1300 audit(1696274628.345:8103): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffea116f7f0 a2=74 a3=7ffea116f7f0 items=0 ppid=6061 pid=6119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 250.240245] audit: type=1327 audit(1696274628.345:8103): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 250.242472] audit: audit_backlog=65 > audit_backlog_limit=64 [ 250.242628] audit: type=1334 audit(1696274628.349:8104): prog-id=3366 op=UNLOAD [ 250.243665] audit: audit_lost=100 audit_rate_limit=0 audit_backlog_limit=64 [ 250.243667] audit: backlog limit exceeded [ 250.248815] audit: type=1334 audit(1696274628.349:8105): prog-id=3367 op=LOAD [ 250.250582] audit: type=1300 audit(1696274628.349:8105): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffea116e870 a2=90 a3=2 items=0 ppid=6061 pid=6119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 250.258699] audit: type=1327 audit(1696274628.349:8105): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 250.670864] systemd-journald[1433]: Data hash table of /var/log/journal/ec21ee59d6a768b3f4b60f14f43e8456/system.journal has a fill level at 75.0 (33392 of 44522 items, 25165824 file size, 753 bytes per hash table item), suggesting rotation. [ 250.676718] systemd-journald[1433]: /var/log/journal/ec21ee59d6a768b3f4b60f14f43e8456/system.journal: Journal header limits reached or header out-of-date, rotating. [ 254.108423] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 254.875593] eth0: renamed from tmp22ae3 [ 254.882518] IPv6: ADDRCONF(NETDEV_CHANGE): lxc04a648df6412: link becomes ready [ 255.374426] kauditd_printk_skb: 4172 callbacks suppressed [ 255.374429] audit: type=1130 audit(1696274633.492:10044): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.28.226:22-139.178.89.65:48118 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 255.603785] audit: type=1101 audit(1696274633.721:10045): pid=6547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.613762] audit: type=1103 audit(1696274633.730:10046): pid=6547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.637022] audit: type=1006 audit(1696274633.730:10047): pid=6547 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 255.654468] audit: type=1300 audit(1696274633.730:10047): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdc69b0f30 a2=3 a3=0 items=0 ppid=1 pid=6547 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 255.674195] audit: type=1327 audit(1696274633.730:10047): proctitle=737368643A20636F7265205B707269765D [ 255.685312] audit: type=1105 audit(1696274633.771:10048): pid=6547 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.701192] audit: type=1103 audit(1696274633.781:10049): pid=6550 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.857951] audit: type=1334 audit(1696274633.975:10050): prog-id=4193 op=LOAD [ 255.858394] audit: type=1300 audit(1696274633.975:10050): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffd925e4470 a2=74 a3=7ffd925e4470 items=0 ppid=6061 pid=6557 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:54 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:55 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 266.096812] kauditd_printk_skb: 115 callbacks suppressed [ 266.096815] audit: type=1130 audit(1696274644.215:10101): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.28.226:22-139.178.89.65:33960 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 266.295302] audit: type=1101 audit(1696274644.413:10102): pid=6602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.304037] audit: type=1103 audit(1696274644.422:10103): pid=6602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.311062] audit: type=1006 audit(1696274644.422:10104): pid=6602 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 266.317299] audit: type=1300 audit(1696274644.422:10104): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe2b860120 a2=3 a3=0 items=0 ppid=1 pid=6602 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 266.346408] audit: type=1327 audit(1696274644.422:10104): proctitle=737368643A20636F7265205B707269765D [ 266.365015] audit: type=1105 audit(1696274644.483:10105): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.374321] audit: type=1103 audit(1696274644.492:10106): pid=6605 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.618936] audit: type=1106 audit(1696274644.737:10107): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.633259] audit: type=1104 audit(1696274644.737:10108): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.643304] kauditd_printk_skb: 1 callbacks suppressed [ 276.643307] audit: type=1130 audit(1696274654.763:10110): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.28.226:22-139.178.89.65:59590 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 276.817717] audit: type=1101 audit(1696274654.937:10111): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.825720] audit: type=1103 audit(1696274654.945:10112): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.834662] audit: type=1006 audit(1696274654.945:10113): pid=6629 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 276.839131] audit: type=1300 audit(1696274654.945:10113): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc42a51810 a2=3 a3=0 items=0 ppid=1 pid=6629 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 276.856366] audit: type=1327 audit(1696274654.945:10113): proctitle=737368643A20636F7265205B707269765D [ 276.861349] audit: type=1105 audit(1696274654.981:10114): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.868313] audit: type=1103 audit(1696274654.987:10115): pid=6632 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 277.066500] audit: type=1106 audit(1696274655.186:10116): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 277.075247] audit: type=1104 audit(1696274655.186:10117): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.788027] kauditd_printk_skb: 9 callbacks suppressed [ 281.788030] audit: type=1106 audit(1696274659.906:10125): pid=6642 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.800004] audit: type=1104 audit(1696274659.906:10126): pid=6642 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.807517] audit: type=1131 audit(1696274659.911:10127): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.28.226:22-139.178.89.65:59600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 281.821124] audit: type=1130 audit(1696274659.935:10128): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.28.226:22-139.178.89.65:57086 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 282.001423] audit: type=1101 audit(1696274660.121:10129): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 282.010502] audit: type=1103 audit(1696274660.130:10130): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 282.018250] audit: type=1006 audit(1696274660.131:10131): pid=6901 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 282.027326] audit: type=1300 audit(1696274660.131:10131): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb6080930 a2=3 a3=0 items=0 ppid=1 pid=6901 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 282.037421] audit: type=1327 audit(1696274660.131:10131): proctitle=737368643A20636F7265205B707269765D [ 282.043892] audit: type=1105 audit(1696274660.161:10132): pid=6901 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 287.488905] kauditd_printk_skb: 1 callbacks suppressed [ 287.488907] audit: type=1334 audit(1696274665.608:10134): prog-id=4217 op=LOAD [ 287.491617] audit: type=1300 audit(1696274665.608:10134): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd102a450 a2=74 a3=7ffcd102a450 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.498894] audit: type=1327 audit(1696274665.608:10134): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 287.501118] audit: type=1334 audit(1696274665.613:10135): prog-id=4217 op=UNLOAD [ 287.502647] audit: type=1334 audit(1696274665.613:10136): prog-id=4218 op=LOAD [ 287.504149] audit: type=1300 audit(1696274665.613:10136): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd10294d0 a2=90 a3=2 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.510613] audit: type=1327 audit(1696274665.613:10136): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 287.512901] audit: type=1334 audit(1696274665.620:10137): prog-id=4218 op=UNLOAD [ 287.514430] audit: type=1334 audit(1696274665.620:10138): prog-id=4219 op=LOAD [ 287.515912] audit: type=1300 audit(1696274665.620:10138): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd10294d0 a2=90 a3=2 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.916613] alg: No test for seqiv(rfc4106(gcm(aes))) (seqiv(rfc4106-gcm-aesni)) [ 291.299959] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 291.564978] eth0: renamed from tmp34e5d [ 291.571233] IPv6: ADDRCONF(NETDEV_CHANGE): lxcd9c6025df89d: link becomes ready [ 291.965936] eth0: renamed from tmpa4c39 [ 291.986722] IPv6: ADDRCONF(NETDEV_CHANGE): lxcb14355fccc3a: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:32 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 294.510304] kauditd_printk_skb: 4255 callbacks suppressed [ 294.510313] audit: type=1334 audit(1696274672.629:12103): prog-id=5044 op=LOAD [ 294.513068] audit: type=1300 audit(1696274672.629:12103): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244ff240 a2=74 a3=7fff244ff240 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 294.520407] audit: type=1327 audit(1696274672.629:12103): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 294.522981] audit: type=1334 audit(1696274672.630:12104): prog-id=5044 op=UNLOAD [ 294.525103] audit: type=1334 audit(1696274672.630:12105): prog-id=5045 op=LOAD [ 294.526810] audit: type=1300 audit(1696274672.630:12105): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244fe2c0 a2=90 a3=2 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 294.539881] audit: type=1327 audit(1696274672.630:12105): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 294.542291] audit: type=1334 audit(1696274672.631:12106): prog-id=5045 op=UNLOAD [ 294.543947] audit: type=1334 audit(1696274672.631:12107): prog-id=5046 op=LOAD [ 294.545820] audit: type=1300 audit(1696274672.631:12107): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244fe2c0 a2=90 a3=2 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:33 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 298.463095] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 300.439894] eth0: renamed from tmpa52df [ 300.449041] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 300.450503] IPv6: ADDRCONF(NETDEV_CHANGE): lxce963a26d3a77: link becomes ready [ 300.559031] kauditd_printk_skb: 4295 callbacks suppressed [ 300.559034] audit: type=1334 audit(1696274678.679:14086): prog-id=5871 op=LOAD [ 300.562362] audit: type=1300 audit(1696274678.679:14086): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffce3679710 a2=74 a3=7ffce3679710 items=0 ppid=7879 pid=8452 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 300.586963] audit: type=1327 audit(1696274678.679:14086): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 300.597656] audit: audit_backlog=65 > audit_backlog_limit=64 [ 300.599577] audit: audit_lost=101 audit_rate_limit=0 audit_backlog_limit=64 [ 300.601212] audit: backlog limit exceeded [ 300.602286] audit: type=1334 audit(1696274678.698:14087): prog-id=5871 op=UNLOAD [ 300.605729] audit: type=1334 audit(1696274678.698:14088): prog-id=5872 op=LOAD [ 300.607821] audit: type=1300 audit(1696274678.698:14088): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffce36796a0 a2=80 a3=0 items=0 ppid=7879 pid=8452 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.023717] audit: type=1327 audit(1696274516.126:2040): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F76786C616E00696E6772657373007072696F00310068616E646C65003100627066006461006F626A006270665F6F7665726C61792E6F007365630066726F6D2D6F7665726C6179 [ 138.029573] audit: type=1334 audit(1696274516.127:2041): prog-id=823 op=UNLOAD [ 138.036481] audit: type=1334 audit(1696274516.127:2042): prog-id=824 op=LOAD [ 138.041112] audit: type=1300 audit(1696274516.127:2042): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7fff0363fa60 a2=80 a3=0 items=0 ppid=3803 pid=3894 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.048396] audit: type=1327 audit(1696274516.127:2042): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F76786C616E00696E6772657373007072696F00310068616E646C65003100627066006461006F626A006270665F6F7665726C61792E6F007365630066726F6D2D6F7665726C6179 [ 138.055754] audit: type=1334 audit(1696274516.128:2043): prog-id=824 op=UNLOAD [ 138.057492] audit: type=1334 audit(1696274516.128:2044): prog-id=825 op=LOAD [ 138.059520] audit: type=1300 audit(1696274516.128:2044): arch=c000003e syscall=321 success=yes exit=8 a0=5 a1=7fff0363f740 a2=80 a3=0 items=0 ppid=3803 pid=3894 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:56 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 139.104104] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:57 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:58 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 141.269374] eth0: renamed from tmpe3012 [ 141.274010] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 141.275929] IPv6: ADDRCONF(NETDEV_CHANGE): lxc76b6220c1ff3: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:21:59 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:00 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 143.014356] kauditd_printk_skb: 2193 callbacks suppressed [ 143.014359] audit: type=1400 audit(1696274521.128:3061): avc: denied { confidentiality } for pid=4297 comm="bpftool" lockdown_reason="use of bpf to read kernel RAM" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=0 [ 143.023774] audit: type=1300 audit(1696274521.128:3061): arch=c000003e syscall=321 success=no exit=-22 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.033161] audit: type=1327 audit(1696274521.128:3061): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.049897] audit: type=1400 audit(1696274521.128:3062): avc: denied { confidentiality } for pid=4297 comm="bpftool" lockdown_reason="use of bpf to read kernel RAM" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=0 [ 143.056769] audit: type=1300 audit(1696274521.128:3062): arch=c000003e syscall=321 success=no exit=-22 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.067837] audit: type=1327 audit(1696274521.128:3062): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.072027] audit: type=1334 audit(1696274521.128:3063): prog-id=1271 op=LOAD [ 143.077328] audit: type=1300 audit(1696274521.128:3063): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcf205c020 a2=90 a3=2 items=0 ppid=4236 pid=4297 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.092090] audit: type=1327 audit(1696274521.128:3063): proctitle=627066746F6F6C00666561747572650070726F6265006D6163726F73 [ 143.106102] audit: type=1334 audit(1696274521.137:3064): prog-id=1271 op=UNLOAD [ 146.754281] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 147.525862] eth0: renamed from tmpe2893 [ 147.537376] IPv6: ADDRCONF(NETDEV_CHANGE): lxcfda0bf61bb43: link becomes ready [ 148.633736] kauditd_printk_skb: 2274 callbacks suppressed [ 148.633739] audit: type=1106 audit(1696274526.747:4101): pid=4702 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.647716] audit: type=1104 audit(1696274526.747:4102): pid=4702 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.656029] audit: type=1131 audit(1696274526.750:4103): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.28.226:22-139.178.89.65:44764 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:07 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:08 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:09 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 158.659631] audit: type=1130 audit(1696274536.774:4104): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.28.226:22-139.178.89.65:56226 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.835481] audit: type=1101 audit(1696274536.950:4105): pid=4770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.845471] audit: type=1103 audit(1696274536.960:4106): pid=4770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.852950] audit: type=1006 audit(1696274536.960:4107): pid=4770 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 158.866373] audit: type=1300 audit(1696274536.960:4107): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff7557b4a0 a2=3 a3=0 items=0 ppid=1 pid=4770 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.873888] audit: type=1327 audit(1696274536.960:4107): proctitle=737368643A20636F7265205B707269765D [ 158.876810] audit: type=1105 audit(1696274536.987:4108): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.883508] audit: type=1103 audit(1696274536.989:4109): pid=4773 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.093345] audit: type=1106 audit(1696274537.208:4110): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.107599] audit: type=1104 audit(1696274537.208:4111): pid=4770 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.789005] kauditd_printk_skb: 1 callbacks suppressed [ 163.789007] audit: type=1334 audit(1696274541.904:4113): prog-id=1688 op=LOAD [ 163.791657] audit: type=1300 audit(1696274541.904:4113): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a618de0 a2=74 a3=7ffd1a618de0 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.798950] audit: type=1327 audit(1696274541.904:4113): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 163.801656] audit: type=1334 audit(1696274541.904:4114): prog-id=1688 op=UNLOAD [ 163.803221] audit: type=1334 audit(1696274541.904:4115): prog-id=1689 op=LOAD [ 163.804938] audit: type=1300 audit(1696274541.904:4115): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a617e60 a2=90 a3=2 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.812522] audit: type=1327 audit(1696274541.904:4115): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 163.815335] audit: type=1334 audit(1696274541.906:4116): prog-id=1689 op=UNLOAD [ 163.818032] audit: type=1334 audit(1696274541.906:4117): prog-id=1690 op=LOAD [ 163.819490] audit: type=1300 audit(1696274541.906:4117): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffd1a617e60 a2=90 a3=2 items=0 ppid=4812 pid=4867 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.556354] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 167.999666] eth0: renamed from tmp8a5bd [ 168.007964] IPv6: ADDRCONF(NETDEV_CHANGE): lxc528a005cf20c: link becomes ready [ 169.117317] kauditd_printk_skb: 4190 callbacks suppressed [ 169.117320] audit: type=1130 audit(1696274547.231:6035): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.28.226:22-139.178.89.65:45744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.181765] audit: type=1334 audit(1696274547.295:6036): prog-id=2515 op=LOAD [ 169.183462] audit: type=1300 audit(1696274547.295:6036): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffdd9f8e9a0 a2=74 a3=7ffdd9f8e9a0 items=0 ppid=4812 pid=5291 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.200022] audit: type=1327 audit(1696274547.295:6036): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 169.210769] audit: type=1334 audit(1696274547.296:6037): prog-id=2515 op=UNLOAD [ 169.214338] audit: type=1334 audit(1696274547.296:6038): prog-id=2516 op=LOAD [ 169.216241] audit: type=1300 audit(1696274547.296:6038): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffdd9f8e930 a2=80 a3=0 items=0 ppid=4812 pid=5291 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.225433] audit: type=1327 audit(1696274547.296:6038): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 169.233130] audit: type=1334 audit(1696274547.298:6039): prog-id=2516 op=UNLOAD [ 169.233195] audit: type=1334 audit(1696274547.298:6040): prog-id=2517 op=LOAD This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:28 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:29 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 179.881328] kauditd_printk_skb: 115 callbacks suppressed [ 179.881332] audit: type=1130 audit(1696274557.996:6092): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.28.226:22-139.178.89.65:50436 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 180.060314] audit: type=1101 audit(1696274558.174:6093): pid=5344 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.067033] audit: type=1103 audit(1696274558.181:6094): pid=5344 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.074826] audit: type=1006 audit(1696274558.181:6095): pid=5344 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 180.078482] audit: type=1300 audit(1696274558.181:6095): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffde5d0cc00 a2=3 a3=0 items=0 ppid=1 pid=5344 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 180.085096] audit: type=1327 audit(1696274558.181:6095): proctitle=737368643A20636F7265205B707269765D [ 180.102618] audit: type=1105 audit(1696274558.217:6096): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.109879] audit: type=1103 audit(1696274558.223:6097): pid=5347 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.306925] audit: type=1106 audit(1696274558.422:6098): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.336578] audit: type=1104 audit(1696274558.422:6099): pid=5344 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.508198] kauditd_printk_skb: 23 callbacks suppressed [ 192.508201] audit: type=1130 audit(1696274570.624:6119): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.28.226:22-139.178.89.65:52142 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 192.682390] audit: type=1101 audit(1696274570.798:6120): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.691524] audit: type=1103 audit(1696274570.806:6121): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.698920] audit: type=1006 audit(1696274570.806:6122): pid=5395 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 192.709782] audit: type=1300 audit(1696274570.806:6122): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc7f043b30 a2=3 a3=0 items=0 ppid=1 pid=5395 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 192.722317] audit: type=1327 audit(1696274570.806:6122): proctitle=737368643A20636F7265205B707269765D [ 192.724967] audit: type=1105 audit(1696274570.834:6123): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.733011] audit: type=1103 audit(1696274570.837:6124): pid=5398 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.933681] audit: type=1106 audit(1696274571.049:6125): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.943651] audit: type=1104 audit(1696274571.049:6126): pid=5395 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.520689] kauditd_printk_skb: 4178 callbacks suppressed [ 197.520692] audit: type=1325 audit(1696274575.636:8053): table=mangle:430 family=2 entries=1 op=nft_unregister_chain pid=5855 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.527503] audit: type=1300 audit(1696274575.636:8053): arch=c000003e syscall=46 success=yes exit=116 a0=3 a1=7ffde2ee9c30 a2=0 a3=7ffde2ee9c1c items=0 ppid=5427 pid=5855 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.535551] audit: type=1327 audit(1696274575.636:8053): proctitle=69707461626C6573002D770035002D74006D616E676C65002D58004F4C445F43494C49554D5F5052455F6D616E676C65 [ 197.538796] audit: type=1325 audit(1696274575.647:8054): table=raw:431 family=2 entries=1 op=nft_unregister_chain pid=5859 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.551436] audit: type=1300 audit(1696274575.647:8054): arch=c000003e syscall=46 success=yes exit=108 a0=3 a1=7fff487a2f00 a2=0 a3=7fff487a2eec items=0 ppid=5427 pid=5859 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.558897] audit: type=1327 audit(1696274575.647:8054): proctitle=69707461626C6573002D770035002D7400726177002D58004F4C445F43494C49554D5F5052455F726177 [ 197.569607] audit: type=1325 audit(1696274575.685:8055): table=filter:432 family=2 entries=1 op=nft_unregister_chain pid=5863 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 197.574389] audit: type=1300 audit(1696274575.685:8055): arch=c000003e syscall=46 success=yes exit=112 a0=3 a1=7fff20f2f720 a2=0 a3=7fff20f2f70c items=0 ppid=5427 pid=5863 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.586788] audit: type=1327 audit(1696274575.685:8055): proctitle=69707461626C6573002D770035002D740066696C746572002D58004F4C445F43494C49554D5F464F5257415244 [ 197.590926] audit: type=1400 audit(1696274575.706:8056): avc: denied { open } for pid=5427 comm="cilium-agent" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=0 [ 197.700754] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 198.063934] eth0: renamed from tmp16764 [ 198.073147] IPv6: ADDRCONF(NETDEV_CHANGE): lxccccf72bcbf3d: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:58 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:22:59 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:00 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 202.957726] kauditd_printk_skb: 5 callbacks suppressed [ 202.957728] audit: type=1130 audit(1696274581.073:8058): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.28.226:22-139.178.89.65:48154 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 203.163786] audit: type=1101 audit(1696274581.279:8059): pid=5942 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.175478] audit: type=1103 audit(1696274581.290:8060): pid=5942 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.184012] audit: type=1006 audit(1696274581.291:8061): pid=5942 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 203.196795] audit: type=1300 audit(1696274581.291:8061): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe34ba3160 a2=3 a3=0 items=0 ppid=1 pid=5942 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 203.223657] audit: type=1327 audit(1696274581.291:8061): proctitle=737368643A20636F7265205B707269765D [ 203.227871] audit: type=1105 audit(1696274581.337:8062): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.234934] audit: type=1103 audit(1696274581.341:8063): pid=5945 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.592063] audit: type=1106 audit(1696274581.707:8064): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.599451] audit: type=1104 audit(1696274581.712:8065): pid=5942 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.616526] kauditd_printk_skb: 1 callbacks suppressed [ 213.616529] audit: type=1130 audit(1696274591.732:8067): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.28.226:22-139.178.89.65:49082 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 213.784100] audit: type=1101 audit(1696274591.899:8068): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.790935] audit: type=1103 audit(1696274591.906:8069): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.797157] audit: type=1006 audit(1696274591.906:8070): pid=5969 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 213.803113] audit: type=1300 audit(1696274591.906:8070): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb7e11810 a2=3 a3=0 items=0 ppid=1 pid=5969 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 213.812450] audit: type=1327 audit(1696274591.906:8070): proctitle=737368643A20636F7265205B707269765D [ 213.815240] audit: type=1105 audit(1696274591.924:8071): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 213.821678] audit: type=1103 audit(1696274591.926:8072): pid=5972 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 214.006073] audit: type=1106 audit(1696274592.121:8073): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 214.022426] audit: type=1104 audit(1696274592.121:8074): pid=5969 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.031814] kauditd_printk_skb: 1 callbacks suppressed [ 224.031817] audit: type=1130 audit(1696274602.149:8076): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.28.226:22-139.178.89.65:42162 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 224.203143] audit: type=1101 audit(1696274602.320:8077): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.209588] audit: type=1103 audit(1696274602.326:8078): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.215255] audit: type=1006 audit(1696274602.326:8079): pid=5982 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 224.219390] audit: type=1300 audit(1696274602.326:8079): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff6df69590 a2=3 a3=0 items=0 ppid=1 pid=5982 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 224.227101] audit: type=1327 audit(1696274602.326:8079): proctitle=737368643A20636F7265205B707269765D [ 224.234984] audit: type=1105 audit(1696274602.352:8080): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.241599] audit: type=1103 audit(1696274602.354:8081): pid=5985 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.417493] audit: type=1106 audit(1696274602.534:8082): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 224.426359] audit: type=1104 audit(1696274602.542:8083): pid=5982 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.441978] kauditd_printk_skb: 1 callbacks suppressed [ 234.441981] audit: type=1130 audit(1696274612.558:8085): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.28.226:22-139.178.89.65:44884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 234.625080] audit: type=1101 audit(1696274612.741:8086): pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.632177] audit: type=1103 audit(1696274612.748:8087): pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.638381] audit: type=1006 audit(1696274612.749:8088): pid=6008 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 234.641738] audit: type=1300 audit(1696274612.749:8088): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdbbcca0c0 a2=3 a3=0 items=0 ppid=1 pid=6008 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 234.649055] audit: type=1327 audit(1696274612.749:8088): proctitle=737368643A20636F7265205B707269765D [ 234.657999] audit: type=1105 audit(1696274612.774:8089): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.664943] audit: type=1103 audit(1696274612.774:8090): pid=6011 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.872356] audit: type=1106 audit(1696274612.988:8091): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.887596] audit: type=1104 audit(1696274612.989:8092): pid=6008 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 244.896112] kauditd_printk_skb: 1 callbacks suppressed [ 244.896115] audit: type=1130 audit(1696274623.014:8094): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.28.226:22-139.178.89.65:53950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 245.065061] audit: type=1101 audit(1696274623.183:8095): pid=6032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.073022] audit: type=1103 audit(1696274623.191:8096): pid=6032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.080305] audit: type=1006 audit(1696274623.191:8097): pid=6032 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 245.092790] audit: type=1300 audit(1696274623.191:8097): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff47b36180 a2=3 a3=0 items=0 ppid=1 pid=6032 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 245.123778] audit: type=1327 audit(1696274623.191:8097): proctitle=737368643A20636F7265205B707269765D [ 245.127028] audit: type=1105 audit(1696274623.232:8098): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.134517] audit: type=1103 audit(1696274623.236:8099): pid=6035 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.346666] audit: type=1106 audit(1696274623.464:8100): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 245.356123] audit: type=1104 audit(1696274623.464:8101): pid=6032 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 250.228369] kauditd_printk_skb: 1 callbacks suppressed [ 250.228371] audit: type=1334 audit(1696274628.345:8103): prog-id=3366 op=LOAD [ 250.232036] audit: type=1300 audit(1696274628.345:8103): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffea116f7f0 a2=74 a3=7ffea116f7f0 items=0 ppid=6061 pid=6119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 250.240245] audit: type=1327 audit(1696274628.345:8103): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 250.242472] audit: audit_backlog=65 > audit_backlog_limit=64 [ 250.242628] audit: type=1334 audit(1696274628.349:8104): prog-id=3366 op=UNLOAD [ 250.243665] audit: audit_lost=100 audit_rate_limit=0 audit_backlog_limit=64 [ 250.243667] audit: backlog limit exceeded [ 250.248815] audit: type=1334 audit(1696274628.349:8105): prog-id=3367 op=LOAD [ 250.250582] audit: type=1300 audit(1696274628.349:8105): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffea116e870 a2=90 a3=2 items=0 ppid=6061 pid=6119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 250.258699] audit: type=1327 audit(1696274628.349:8105): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 250.670864] systemd-journald[1433]: Data hash table of /var/log/journal/ec21ee59d6a768b3f4b60f14f43e8456/system.journal has a fill level at 75.0 (33392 of 44522 items, 25165824 file size, 753 bytes per hash table item), suggesting rotation. [ 250.676718] systemd-journald[1433]: /var/log/journal/ec21ee59d6a768b3f4b60f14f43e8456/system.journal: Journal header limits reached or header out-of-date, rotating. [ 254.108423] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 254.875593] eth0: renamed from tmp22ae3 [ 254.882518] IPv6: ADDRCONF(NETDEV_CHANGE): lxc04a648df6412: link becomes ready [ 255.374426] kauditd_printk_skb: 4172 callbacks suppressed [ 255.374429] audit: type=1130 audit(1696274633.492:10044): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.28.226:22-139.178.89.65:48118 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 255.603785] audit: type=1101 audit(1696274633.721:10045): pid=6547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.613762] audit: type=1103 audit(1696274633.730:10046): pid=6547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.637022] audit: type=1006 audit(1696274633.730:10047): pid=6547 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 255.654468] audit: type=1300 audit(1696274633.730:10047): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdc69b0f30 a2=3 a3=0 items=0 ppid=1 pid=6547 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 255.674195] audit: type=1327 audit(1696274633.730:10047): proctitle=737368643A20636F7265205B707269765D [ 255.685312] audit: type=1105 audit(1696274633.771:10048): pid=6547 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.701192] audit: type=1103 audit(1696274633.781:10049): pid=6550 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 255.857951] audit: type=1334 audit(1696274633.975:10050): prog-id=4193 op=LOAD [ 255.858394] audit: type=1300 audit(1696274633.975:10050): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffd925e4470 a2=74 a3=7ffd925e4470 items=0 ppid=6061 pid=6557 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:54 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:23:55 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 266.096812] kauditd_printk_skb: 115 callbacks suppressed [ 266.096815] audit: type=1130 audit(1696274644.215:10101): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.28.226:22-139.178.89.65:33960 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 266.295302] audit: type=1101 audit(1696274644.413:10102): pid=6602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.304037] audit: type=1103 audit(1696274644.422:10103): pid=6602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.311062] audit: type=1006 audit(1696274644.422:10104): pid=6602 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 266.317299] audit: type=1300 audit(1696274644.422:10104): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe2b860120 a2=3 a3=0 items=0 ppid=1 pid=6602 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 266.346408] audit: type=1327 audit(1696274644.422:10104): proctitle=737368643A20636F7265205B707269765D [ 266.365015] audit: type=1105 audit(1696274644.483:10105): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.374321] audit: type=1103 audit(1696274644.492:10106): pid=6605 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.618936] audit: type=1106 audit(1696274644.737:10107): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 266.633259] audit: type=1104 audit(1696274644.737:10108): pid=6602 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.643304] kauditd_printk_skb: 1 callbacks suppressed [ 276.643307] audit: type=1130 audit(1696274654.763:10110): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.28.226:22-139.178.89.65:59590 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 276.817717] audit: type=1101 audit(1696274654.937:10111): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.825720] audit: type=1103 audit(1696274654.945:10112): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.834662] audit: type=1006 audit(1696274654.945:10113): pid=6629 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 276.839131] audit: type=1300 audit(1696274654.945:10113): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc42a51810 a2=3 a3=0 items=0 ppid=1 pid=6629 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 276.856366] audit: type=1327 audit(1696274654.945:10113): proctitle=737368643A20636F7265205B707269765D [ 276.861349] audit: type=1105 audit(1696274654.981:10114): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 276.868313] audit: type=1103 audit(1696274654.987:10115): pid=6632 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 277.066500] audit: type=1106 audit(1696274655.186:10116): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 277.075247] audit: type=1104 audit(1696274655.186:10117): pid=6629 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.788027] kauditd_printk_skb: 9 callbacks suppressed [ 281.788030] audit: type=1106 audit(1696274659.906:10125): pid=6642 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.800004] audit: type=1104 audit(1696274659.906:10126): pid=6642 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 281.807517] audit: type=1131 audit(1696274659.911:10127): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.28.226:22-139.178.89.65:59600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 281.821124] audit: type=1130 audit(1696274659.935:10128): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.28.226:22-139.178.89.65:57086 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 282.001423] audit: type=1101 audit(1696274660.121:10129): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 282.010502] audit: type=1103 audit(1696274660.130:10130): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 282.018250] audit: type=1006 audit(1696274660.131:10131): pid=6901 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 282.027326] audit: type=1300 audit(1696274660.131:10131): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb6080930 a2=3 a3=0 items=0 ppid=1 pid=6901 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 282.037421] audit: type=1327 audit(1696274660.131:10131): proctitle=737368643A20636F7265205B707269765D [ 282.043892] audit: type=1105 audit(1696274660.161:10132): pid=6901 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 287.488905] kauditd_printk_skb: 1 callbacks suppressed [ 287.488907] audit: type=1334 audit(1696274665.608:10134): prog-id=4217 op=LOAD [ 287.491617] audit: type=1300 audit(1696274665.608:10134): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd102a450 a2=74 a3=7ffcd102a450 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.498894] audit: type=1327 audit(1696274665.608:10134): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 287.501118] audit: type=1334 audit(1696274665.613:10135): prog-id=4217 op=UNLOAD [ 287.502647] audit: type=1334 audit(1696274665.613:10136): prog-id=4218 op=LOAD [ 287.504149] audit: type=1300 audit(1696274665.613:10136): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd10294d0 a2=90 a3=2 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.510613] audit: type=1327 audit(1696274665.613:10136): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 287.512901] audit: type=1334 audit(1696274665.620:10137): prog-id=4218 op=UNLOAD [ 287.514430] audit: type=1334 audit(1696274665.620:10138): prog-id=4219 op=LOAD [ 287.515912] audit: type=1300 audit(1696274665.620:10138): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffcd10294d0 a2=90 a3=2 items=0 ppid=7227 pid=7285 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 287.916613] alg: No test for seqiv(rfc4106(gcm(aes))) (seqiv(rfc4106-gcm-aesni)) [ 291.299959] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 291.564978] eth0: renamed from tmp34e5d [ 291.571233] IPv6: ADDRCONF(NETDEV_CHANGE): lxcd9c6025df89d: link becomes ready [ 291.965936] eth0: renamed from tmpa4c39 [ 291.986722] IPv6: ADDRCONF(NETDEV_CHANGE): lxcb14355fccc3a: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:32 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 294.510304] kauditd_printk_skb: 4255 callbacks suppressed [ 294.510313] audit: type=1334 audit(1696274672.629:12103): prog-id=5044 op=LOAD [ 294.513068] audit: type=1300 audit(1696274672.629:12103): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244ff240 a2=74 a3=7fff244ff240 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 294.520407] audit: type=1327 audit(1696274672.629:12103): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 294.522981] audit: type=1334 audit(1696274672.630:12104): prog-id=5044 op=UNLOAD [ 294.525103] audit: type=1334 audit(1696274672.630:12105): prog-id=5045 op=LOAD [ 294.526810] audit: type=1300 audit(1696274672.630:12105): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244fe2c0 a2=90 a3=2 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 294.539881] audit: type=1327 audit(1696274672.630:12105): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 294.542291] audit: type=1334 audit(1696274672.631:12106): prog-id=5045 op=UNLOAD [ 294.543947] audit: type=1334 audit(1696274672.631:12107): prog-id=5046 op=LOAD [ 294.545820] audit: type=1300 audit(1696274672.631:12107): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff244fe2c0 a2=90 a3=2 items=0 ppid=7879 pid=7935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:33 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 298.463095] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 300.439894] eth0: renamed from tmpa52df [ 300.449041] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 300.450503] IPv6: ADDRCONF(NETDEV_CHANGE): lxce963a26d3a77: link becomes ready [ 300.559031] kauditd_printk_skb: 4295 callbacks suppressed [ 300.559034] audit: type=1334 audit(1696274678.679:14086): prog-id=5871 op=LOAD [ 300.562362] audit: type=1300 audit(1696274678.679:14086): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffce3679710 a2=74 a3=7ffce3679710 items=0 ppid=7879 pid=8452 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 300.586963] audit: type=1327 audit(1696274678.679:14086): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 [ 300.597656] audit: audit_backlog=65 > audit_backlog_limit=64 [ 300.599577] audit: audit_lost=101 audit_rate_limit=0 audit_backlog_limit=64 [ 300.601212] audit: backlog limit exceeded [ 300.602286] audit: type=1334 audit(1696274678.698:14087): prog-id=5871 op=UNLOAD [ 300.605729] audit: type=1334 audit(1696274678.698:14088): prog-id=5872 op=LOAD [ 300.607821] audit: type=1300 audit(1696274678.698:14088): arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffce36796a0 a2=80 a3=0 items=0 ppid=7879 pid=8452 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tc" exe="/usr/local/bin/tc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 300.615091] audit: type=1327 audit(1696274678.698:14088): proctitle=74630066696C746572007265706C616365006465760063696C69756D5F686F737400696E6772657373007072696F00310068616E646C65003100627066006461006F626A003633385F6E6578742F6270665F686F73742E6F0073656300746F2D686F7374 This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:39 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:40 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 313.836165] kauditd_printk_skb: 104 callbacks suppressed [ 313.836168] audit: type=1334 audit(1696274691.957:14133): prog-id=5895 op=LOAD [ 313.839782] audit: type=1300 audit(1696274691.957:14133): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffe62ec0e30 a2=74 a3=7ffe62ec0e30 items=0 ppid=8525 pid=8575 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 313.847436] audit: type=1327 audit(1696274691.957:14133): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 313.850769] audit: type=1334 audit(1696274691.958:14134): prog-id=5895 op=UNLOAD [ 313.853231] audit: type=1334 audit(1696274691.958:14135): prog-id=5896 op=LOAD [ 313.856944] audit: type=1300 audit(1696274691.958:14135): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffe62ebfeb0 a2=90 a3=2 items=0 ppid=8525 pid=8575 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 313.870319] audit: type=1327 audit(1696274691.958:14135): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 313.873361] audit: type=1334 audit(1696274691.962:14136): prog-id=5896 op=UNLOAD [ 313.886827] audit: type=1334 audit(1696274691.962:14137): prog-id=5897 op=LOAD [ 313.889609] audit: type=1300 audit(1696274691.962:14137): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7ffe62ebfeb0 a2=90 a3=2 items=0 ppid=8525 pid=8575 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 318.062665] IPv6: ADDRCONF(NETDEV_CHANGE): lxc_health: link becomes ready [ 318.495314] eth0: renamed from tmp57f8d [ 318.503162] IPv6: ADDRCONF(NETDEV_CHANGE): lxc65381d3be5f4: link becomes ready [ 319.388615] eth0: renamed from tmpd50d0 [ 319.394665] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 319.396049] IPv6: ADDRCONF(NETDEV_CHANGE): lxc80d3d2dcc179: link becomes ready This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:58 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: This is ip-172-31-28-226 (Linux x86_64 5.15.132-flatcar) 19:24:59 SSH host key: SHA256:s6DHKYSgCFG8TJDGHyYvlcsjP/jgrx1lGCSQdq8P0kI (RSA) SSH host key: SHA256:9rKkBBcpE7rt6QoAHyWSsd1ufxM6tJxMVBUQkbsVNfg (ECDSA) SSH host key: SHA256:X5eIZuV2p2uOWuj40X0NF6hgTE/Kkg7+SLRZCkOctOs (ED25519) eth0: 172.31.28.226 fe80::4f3:bcff:fe8c:ce9d ip-172-31-28-226 login: [ 343.883467] kauditd_printk_skb: 4286 callbacks suppressed [ 343.883470] audit: type=1334 audit(1696274722.005:16113): prog-id=6722 op=LOAD [ 343.886141] audit: type=1300 audit(1696274722.005:16113): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff9513ae40 a2=74 a3=7fff9513ae40 items=0 ppid=9212 pid=9268 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 343.893492] audit: type=1327 audit(1696274722.005:16113): proctitle=627066746F6F6C002D6A00666561747572650070726F6265 [ 343.899078] audit: audit_backlog=65 > audit_backlog_limit=64 [ 343.899208] audit: type=1334 audit(1696274722.005:16114): prog-id=6722 op=UNLOAD [ 343.900293] audit: audit_lost=102 audit_rate_limit=0 audit_backlog_limit=64 [ 343.902167] audit: type=1334 audit(1696274722.005:16115): prog-id=6723 op=LOAD [ 343.903252] audit: backlog limit exceeded [ 343.905701] audit: type=1300 audit(1696274722.005:16115): arch=c000003e syscall=321 success=yes exit=3 a0=5 a1=7fff95139ec0 a2=90 a3=2 items=0 ppid=9212 pid=9268 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/local/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) [ 343.923481] audit: type=1327 audit(1696274722.005:16115): proctitle=627066746F6F6C002D6A00666561747572650070726F6265