F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 58.212316] audit: type=1325 audit(1707769396.439:187): table=mangle:26 family=2 entries=2 op=nft_register_chain pid=2544 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 58.218138] audit: type=1300 audit(1707769396.439:187): arch=c00000b7 syscall=211 success=yes exit=136 a0=3 a1=ffffd0d7d740 a2=0 a3=1 items=0 ppid=2534 pid=2544 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.959115] kauditd_printk_skb: 101 callbacks suppressed [ 68.959119] audit: type=1131 audit(1707769407.265:221): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 68.975578] audit: type=1130 audit(1707769407.280:222): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 69.226771] audit: type=1400 audit(1707769407.533:223): avc: denied { mac_admin } for pid=3105 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 69.235238] audit: type=1401 audit(1707769407.533:223): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 69.239471] audit: type=1300 audit(1707769407.533:223): arch=c00000b7 syscall=5 success=no exit=-22 a0=4001024690 a1=4000927680 a2=4001024660 a3=25 items=0 ppid=1 pid=3105 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 69.255326] audit: type=1327 audit(1707769407.533:223): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 69.270301] audit: type=1400 audit(1707769407.572:224): avc: denied { mac_admin } for pid=3105 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 69.281192] audit: type=1401 audit(1707769407.572:224): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 69.306334] audit: type=1300 audit(1707769407.572:224): arch=c00000b7 syscall=5 success=no exit=-22 a0=40011003a0 a1=4000926480 a2=4000fe2270 a3=25 items=0 ppid=1 pid=3105 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 69.336323] audit: type=1327 audit(1707769407.572:224): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 58.212316] audit: type=1325 audit(1707769396.439:187): table=mangle:26 family=2 entries=2 op=nft_register_chain pid=2544 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 58.218138] audit: type=1300 audit(1707769396.439:187): arch=c00000b7 syscall=211 success=yes exit=136 a0=3 a1=ffffd0d7d740 a2=0 a3=1 items=0 ppid=2534 pid=2544 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.959115] kauditd_printk_skb: 101 callbacks suppressed [ 68.959119] audit: type=1131 audit(1707769407.265:221): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 68.975578] audit: type=1130 audit(1707769407.280:222): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 69.226771] audit: type=1400 audit(1707769407.533:223): avc: denied { mac_admin } for pid=3105 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 69.235238] audit: type=1401 audit(1707769407.533:223): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 69.239471] audit: type=1300 audit(1707769407.533:223): arch=c00000b7 syscall=5 success=no exit=-22 a0=4001024690 a1=4000927680 a2=4001024660 a3=25 items=0 ppid=1 pid=3105 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 69.255326] audit: type=1327 audit(1707769407.533:223): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 69.270301] audit: type=1400 audit(1707769407.572:224): avc: denied { mac_admin } for pid=3105 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 69.281192] audit: type=1401 audit(1707769407.572:224): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 69.306334] audit: type=1300 audit(1707769407.572:224): arch=c00000b7 syscall=5 success=no exit=-22 a0=40011003a0 a1=4000926480 a2=4000fe2270 a3=25 items=0 ppid=1 pid=3105 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 69.336323] audit: type=1327 audit(1707769407.572:224): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 76.648466] kauditd_printk_skb: 4 callbacks suppressed [ 76.648471] audit: type=1106 audit(1707769414.955:226): pid=2111 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 76.659588] audit: type=1104 audit(1707769414.955:227): pid=2111 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 76.676309] audit: type=1106 audit(1707769414.982:228): pid=2107 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 76.693744] audit: type=1104 audit(1707769414.982:229): pid=2107 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 76.703737] audit: type=1131 audit(1707769414.986:230): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.16.195:22-147.75.109.163:41332 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 84.673675] audit: type=1325 audit(1707769422.979:231): table=mangle:59 family=2 entries=1 op=nft_register_chain pid=3303 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 84.679614] audit: type=1300 audit(1707769422.979:231): arch=c00000b7 syscall=211 success=yes exit=104 a0=3 a1=fffff3db6620 a2=0 a3=ffffb71fd6c0 items=0 ppid=3263 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.691377] audit: type=1327 audit(1707769422.979:231): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 84.698651] audit: type=1325 audit(1707769422.979:232): table=nat:60 family=2 entries=1 op=nft_register_chain pid=3304 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 84.705282] audit: type=1300 audit(1707769422.979:232): arch=c00000b7 syscall=211 success=yes exit=100 a0=3 a1=ffffe4419b80 a2=0 a3=ffffa03c26c0 items=0 ppid=3263 pid=3304 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.717495] audit: type=1327 audit(1707769422.979:232): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 84.722907] audit: type=1325 audit(1707769422.984:233): table=filter:61 family=2 entries=1 op=nft_register_chain pid=3305 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 84.728496] audit: type=1300 audit(1707769422.984:233): arch=c00000b7 syscall=211 success=yes exit=104 a0=3 a1=ffffda4a26a0 a2=0 a3=ffffa79746c0 items=0 ppid=3263 pid=3305 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.740296] audit: type=1327 audit(1707769422.984:233): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 [ 84.746024] audit: type=1325 audit(1707769422.986:234): table=mangle:62 family=10 entries=1 op=nft_register_chain pid=3306 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 93.002497] kauditd_printk_skb: 122 callbacks suppressed [ 93.002502] audit: type=1325 audit(1707769431.308:275): table=filter:103 family=2 entries=13 op=nft_register_rule pid=3492 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.010585] audit: type=1300 audit(1707769431.308:275): arch=c00000b7 syscall=211 success=yes exit=4732 a0=3 a1=ffffd68a46b0 a2=0 a3=ffffbe5296c0 items=0 ppid=3263 pid=3492 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.022638] audit: type=1327 audit(1707769431.308:275): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 93.032225] audit: type=1325 audit(1707769431.310:276): table=nat:104 family=2 entries=20 op=nft_register_rule pid=3492 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.039382] audit: type=1300 audit(1707769431.310:276): arch=c00000b7 syscall=211 success=yes exit=5340 a0=3 a1=ffffd68a46b0 a2=0 a3=ffffbe5296c0 items=0 ppid=3263 pid=3492 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.055154] audit: type=1327 audit(1707769431.310:276): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 93.406231] audit: type=1325 audit(1707769431.712:277): table=filter:105 family=2 entries=14 op=nft_register_rule pid=3520 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.412481] audit: type=1300 audit(1707769431.712:277): arch=c00000b7 syscall=211 success=yes exit=4732 a0=3 a1=ffffe97a3cb0 a2=0 a3=ffff86b486c0 items=0 ppid=3263 pid=3520 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.424399] audit: type=1327 audit(1707769431.712:277): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 93.430304] audit: type=1325 audit(1707769431.719:278): table=nat:106 family=2 entries=20 op=nft_register_rule pid=3520 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 116.650962] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 116.653785] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 118.293614] kauditd_printk_skb: 8 callbacks suppressed [ 118.293618] audit: type=1400 audit(1707769456.599:281): avc: denied { write } for pid=4279 comm="tee" name="fd" dev="proc" ino=21365 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 118.312604] audit: type=1300 audit(1707769456.599:281): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffec6cc983 a2=241 a3=1b6 items=1 ppid=4249 pid=4279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 118.325767] audit: type=1307 audit(1707769456.599:281): cwd="/etc/service/enabled/cni/log" [ 118.329630] audit: type=1302 audit(1707769456.599:281): item=0 name="/dev/fd/63" inode=21811 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 118.338968] audit: type=1327 audit(1707769456.599:281): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 118.369595] audit: type=1400 audit(1707769456.675:282): avc: denied { write } for pid=4289 comm="tee" name="fd" dev="proc" ino=21378 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 118.377188] audit: type=1300 audit(1707769456.675:282): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffcf825972 a2=241 a3=1b6 items=1 ppid=4261 pid=4289 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 118.415386] audit: type=1307 audit(1707769456.675:282): cwd="/etc/service/enabled/node-status-reporter/log" [ 118.428131] audit: type=1302 audit(1707769456.675:282): item=0 name="/dev/fd/63" inode=21827 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 118.439323] audit: type=1327 audit(1707769456.675:282): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 119.540335] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 119.542886] IPv6: ADDRCONF(NETDEV_CHANGE): cali921d47b398b: link becomes ready [ 119.654964] IPv6: ADDRCONF(NETDEV_CHANGE): cali5db6df91c7c: link becomes ready This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:24:20 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: [ 122.494682] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 122.497134] IPv6: ADDRCONF(NETDEV_CHANGE): cali587fd09eed7: link becomes ready This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:24:21 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: [ 123.330948] IPv6: ADDRCONF(NETDEV_CHANGE): calib6dab6b0f17: link becomes ready [ 123.390267] kauditd_printk_skb: 107 callbacks suppressed [ 123.390272] audit: type=1325 audit(1707769461.695:308): table=filter:120 family=2 entries=34 op=nft_register_chain pid=5013 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 123.399497] audit: type=1300 audit(1707769461.695:308): arch=c00000b7 syscall=211 success=yes exit=17884 a0=3 a1=ffffc3e77f80 a2=0 a3=ffffa9948fa8 items=0 ppid=4673 pid=5013 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.424193] audit: type=1327 audit(1707769461.695:308): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:24:22 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: [ 124.394188] audit: type=1325 audit(1707769462.699:309): table=filter:121 family=2 entries=6 op=nft_register_rule pid=5122 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 124.400949] audit: type=1300 audit(1707769462.699:309): arch=c00000b7 syscall=211 success=yes exit=1916 a0=3 a1=ffffe581e920 a2=0 a3=ffff8e24c6c0 items=0 ppid=3263 pid=5122 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 124.415286] audit: type=1327 audit(1707769462.699:309): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 124.446758] audit: type=1325 audit(1707769462.750:310): table=nat:122 family=2 entries=60 op=nft_register_rule pid=5122 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 124.453968] audit: type=1300 audit(1707769462.750:310): arch=c00000b7 syscall=211 success=yes exit=19324 a0=3 a1=ffffe581e920 a2=0 a3=ffff8e24c6c0 items=0 ppid=3263 pid=5122 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 124.467772] audit: type=1327 audit(1707769462.750:310): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 124.736585] audit: type=1325 audit(1707769463.041:311): table=filter:123 family=2 entries=6 op=nft_register_rule pid=5172 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:24:23 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:24:24 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: [ 135.455794] kauditd_printk_skb: 5 callbacks suppressed [ 135.455798] audit: type=1130 audit(1707769473.760:313): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.16.195:22-147.75.109.163:36410 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 135.648338] audit: type=1101 audit(1707769473.952:314): pid=5474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.660883] audit: type=1103 audit(1707769473.964:315): pid=5474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.670508] audit: type=1006 audit(1707769473.964:316): pid=5474 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 135.676710] audit: type=1300 audit(1707769473.964:316): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe98835b0 a2=3 a3=1 items=0 ppid=1 pid=5474 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 135.691814] audit: type=1327 audit(1707769473.964:316): proctitle=737368643A20636F7265205B707269765D [ 135.696460] audit: type=1105 audit(1707769473.994:317): pid=5474 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.711666] audit: type=1103 audit(1707769474.000:318): pid=5477 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.984741] audit: type=1106 audit(1707769474.289:319): pid=5474 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.998001] audit: type=1104 audit(1707769474.291:320): pid=5474 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.010393] kauditd_printk_skb: 1 callbacks suppressed [ 141.010397] audit: type=1130 audit(1707769479.314:322): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.16.195:22-147.75.109.163:42266 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.187217] audit: type=1101 audit(1707769479.491:323): pid=5507 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.197622] audit: type=1103 audit(1707769479.494:324): pid=5507 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.207325] audit: type=1006 audit(1707769479.494:325): pid=5507 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 141.213576] audit: type=1300 audit(1707769479.494:325): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff92abbc0 a2=3 a3=1 items=0 ppid=1 pid=5507 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.224970] audit: type=1327 audit(1707769479.494:325): proctitle=737368643A20636F7265205B707269765D [ 141.244935] audit: type=1105 audit(1707769479.549:326): pid=5507 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.257101] audit: type=1103 audit(1707769479.552:327): pid=5510 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.485220] audit: type=1106 audit(1707769479.789:328): pid=5507 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.497047] audit: type=1104 audit(1707769479.790:329): pid=5507 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.510578] kauditd_printk_skb: 1 callbacks suppressed [ 146.510583] audit: type=1130 audit(1707769484.814:331): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.16.195:22-147.75.109.163:54104 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 146.689241] audit: type=1101 audit(1707769484.993:332): pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.702003] audit: type=1103 audit(1707769485.005:333): pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.711858] audit: type=1006 audit(1707769485.005:334): pid=5532 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 146.718134] audit: type=1300 audit(1707769485.005:334): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc27831b0 a2=3 a3=1 items=0 ppid=1 pid=5532 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 146.729121] audit: type=1327 audit(1707769485.005:334): proctitle=737368643A20636F7265205B707269765D [ 146.753002] audit: type=1105 audit(1707769485.057:335): pid=5532 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.766040] audit: type=1103 audit(1707769485.070:336): pid=5535 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.009372] audit: type=1106 audit(1707769485.313:337): pid=5532 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.026077] audit: type=1104 audit(1707769485.318:338): pid=5532 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.032613] kauditd_printk_skb: 1 callbacks suppressed [ 152.032617] audit: type=1130 audit(1707769490.336:340): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.16.195:22-147.75.109.163:54108 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 152.208827] audit: type=1101 audit(1707769490.512:341): pid=5568 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.223725] audit: type=1103 audit(1707769490.523:342): pid=5568 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.234126] audit: type=1006 audit(1707769490.524:343): pid=5568 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 152.240425] audit: type=1300 audit(1707769490.524:343): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe3152e40 a2=3 a3=1 items=0 ppid=1 pid=5568 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.251947] audit: type=1327 audit(1707769490.524:343): proctitle=737368643A20636F7265205B707269765D [ 152.269947] audit: type=1105 audit(1707769490.573:344): pid=5568 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.289971] audit: type=1103 audit(1707769490.586:345): pid=5571 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.525205] audit: type=1106 audit(1707769490.829:346): pid=5568 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.539402] audit: type=1104 audit(1707769490.830:347): pid=5568 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.550755] kauditd_printk_skb: 1 callbacks suppressed [ 157.550759] audit: type=1130 audit(1707769495.855:349): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-172.31.16.195:22-147.75.109.163:35874 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 157.717859] audit: type=1101 audit(1707769496.022:350): pid=5583 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.728895] audit: type=1103 audit(1707769496.025:351): pid=5583 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.739546] audit: type=1006 audit(1707769496.025:352): pid=5583 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=12 res=1 [ 157.755376] audit: type=1300 audit(1707769496.025:352): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffd909d50 a2=3 a3=1 items=0 ppid=1 pid=5583 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=12 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 157.766615] audit: type=1327 audit(1707769496.025:352): proctitle=737368643A20636F7265205B707269765D [ 157.778095] audit: type=1105 audit(1707769496.083:353): pid=5583 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.794623] audit: type=1103 audit(1707769496.099:354): pid=5586 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.095741] audit: type=1106 audit(1707769496.400:355): pid=5583 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.134992] audit: type=1104 audit(1707769496.400:356): pid=5583 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.268113] kauditd_printk_skb: 23 callbacks suppressed [ 166.268119] audit: type=1130 audit(1707769504.572:376): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.16.195:22-147.75.109.163:46310 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 166.436192] audit: type=1101 audit(1707769504.741:377): pid=5632 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.446595] audit: type=1103 audit(1707769504.741:378): pid=5632 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.456745] audit: type=1006 audit(1707769504.741:379): pid=5632 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 166.463343] audit: type=1300 audit(1707769504.741:379): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff1a7b8a0 a2=3 a3=1 items=0 ppid=1 pid=5632 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 166.480194] audit: type=1327 audit(1707769504.741:379): proctitle=737368643A20636F7265205B707269765D [ 166.484991] audit: type=1105 audit(1707769504.785:380): pid=5632 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.497363] audit: type=1103 audit(1707769504.802:381): pid=5636 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.790422] audit: type=1106 audit(1707769505.095:382): pid=5632 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 166.803309] audit: type=1104 audit(1707769505.095:383): pid=5632 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 171.815281] kauditd_printk_skb: 1 callbacks suppressed [ 171.815286] audit: type=1130 audit(1707769510.120:385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.16.195:22-147.75.109.163:46316 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 171.986073] audit: type=1101 audit(1707769510.290:386): pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 171.996575] audit: type=1103 audit(1707769510.293:387): pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.006737] audit: type=1006 audit(1707769510.293:388): pid=5665 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 172.013787] audit: type=1300 audit(1707769510.293:388): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcc819910 a2=3 a3=1 items=0 ppid=1 pid=5665 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 172.024315] audit: type=1327 audit(1707769510.293:388): proctitle=737368643A20636F7265205B707269765D [ 172.028816] audit: type=1105 audit(1707769510.333:389): pid=5665 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.040362] audit: type=1103 audit(1707769510.336:390): pid=5668 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.268906] audit: type=1106 audit(1707769510.573:391): pid=5665 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.283243] audit: type=1104 audit(1707769510.575:392): pid=5665 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.292385] kauditd_printk_skb: 1 callbacks suppressed [ 177.292390] audit: type=1130 audit(1707769515.597:394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.16.195:22-147.75.109.163:54528 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 177.464998] audit: type=1101 audit(1707769515.769:395): pid=5681 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.477184] audit: type=1103 audit(1707769515.781:396): pid=5681 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.487350] audit: type=1006 audit(1707769515.782:397): pid=5681 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 177.493720] audit: type=1300 audit(1707769515.782:397): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff8efc680 a2=3 a3=1 items=0 ppid=1 pid=5681 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 177.504347] audit: type=1327 audit(1707769515.782:397): proctitle=737368643A20636F7265205B707269765D [ 177.522240] audit: type=1105 audit(1707769515.827:398): pid=5681 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.534519] audit: type=1103 audit(1707769515.830:399): pid=5684 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.789098] audit: type=1106 audit(1707769516.093:400): pid=5681 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 177.800491] audit: type=1104 audit(1707769516.099:401): pid=5681 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 182.814048] kauditd_printk_skb: 1 callbacks suppressed [ 182.814053] audit: type=1130 audit(1707769521.118:403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.16.195:22-147.75.109.163:54538 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 182.995807] audit: type=1101 audit(1707769521.298:404): pid=5716 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.006077] audit: type=1103 audit(1707769521.302:405): pid=5716 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.016109] audit: type=1006 audit(1707769521.302:406): pid=5716 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 183.022643] audit: type=1300 audit(1707769521.302:406): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff72d4440 a2=3 a3=1 items=0 ppid=1 pid=5716 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.033404] audit: type=1327 audit(1707769521.302:406): proctitle=737368643A20636F7265205B707269765D [ 183.065150] audit: type=1105 audit(1707769521.368:407): pid=5716 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.078123] audit: type=1103 audit(1707769521.381:408): pid=5719 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.328747] audit: type=1106 audit(1707769521.633:409): pid=5716 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.341857] audit: type=1104 audit(1707769521.633:410): pid=5716 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.353157] kauditd_printk_skb: 1 callbacks suppressed [ 188.353162] audit: type=1130 audit(1707769526.657:412): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.16.195:22-147.75.109.163:40540 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 188.535749] audit: type=1101 audit(1707769526.840:413): pid=5730 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.546448] audit: type=1103 audit(1707769526.840:414): pid=5730 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.556871] audit: type=1006 audit(1707769526.840:415): pid=5730 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 188.563420] audit: type=1300 audit(1707769526.840:415): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe27326a0 a2=3 a3=1 items=0 ppid=1 pid=5730 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 188.576213] audit: type=1327 audit(1707769526.840:415): proctitle=737368643A20636F7265205B707269765D [ 188.601145] audit: type=1105 audit(1707769526.905:416): pid=5730 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.617564] audit: type=1103 audit(1707769526.921:417): pid=5733 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.861185] audit: type=1106 audit(1707769527.165:418): pid=5730 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.876083] audit: type=1104 audit(1707769527.166:419): pid=5730 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 196.231079] kauditd_printk_skb: 57 callbacks suppressed [ 196.231084] audit: type=1325 audit(1707769534.534:461): table=filter:129 family=2 entries=30 op=nft_register_rule pid=5892 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 196.240696] audit: type=1300 audit(1707769534.534:461): arch=c00000b7 syscall=211 success=yes exit=10364 a0=3 a1=ffffd197ab40 a2=0 a3=ffff8b35e6c0 items=0 ppid=3263 pid=5892 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 196.253681] audit: type=1327 audit(1707769534.534:461): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 196.260664] audit: type=1325 audit(1707769534.537:462): table=nat:130 family=2 entries=78 op=nft_register_rule pid=5892 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 196.269252] audit: type=1300 audit(1707769534.537:462): arch=c00000b7 syscall=211 success=yes exit=24988 a0=3 a1=ffffd197ab40 a2=0 a3=ffff8b35e6c0 items=0 ppid=3263 pid=5892 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 196.283027] audit: type=1327 audit(1707769534.537:462): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 196.528422] audit: type=1325 audit(1707769534.831:463): table=filter:131 family=2 entries=31 op=nft_register_rule pid=5919 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 196.537381] audit: type=1300 audit(1707769534.831:463): arch=c00000b7 syscall=211 success=yes exit=11068 a0=3 a1=ffffc73a4540 a2=0 a3=ffff9458a6c0 items=0 ppid=3263 pid=5919 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 196.550487] audit: type=1327 audit(1707769534.831:463): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 196.556239] audit: type=1325 audit(1707769534.855:464): table=nat:132 family=2 entries=78 op=nft_register_rule pid=5919 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 197.222608] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 197.225026] IPv6: ADDRCONF(NETDEV_CHANGE): cali46e39a0b44c: link becomes ready This is ip-172-31-16-195 (Linux aarch64 5.15.148-flatcar) 20:25:37 SSH host key: SHA256:8srRk12LsfPVELaSLoakw5yIU8yfyc4LKSLTx3XuVCk (RSA) SSH host key: SHA256:T4FeK2nBMIwOS3j4zdOYceCZNb1bmGRmUYQ0T1H0J9U (ED25519) SSH host key: SHA256:MfkPi8IuFs1MjX4T/6xjyPxed87w8/P3ASeDeqluwXc (ECDSA) eth0: 172.31.16.195 fe80::454:7aff:fe2f:46b1 ip-172-31-16-195 login: [ 201.446170] kauditd_printk_skb: 22 callbacks suppressed [ 201.446175] audit: type=1325 audit(1707769539.749:477): table=filter:136 family=2 entries=8 op=nft_register_rule pid=6122 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 201.457448] audit: type=1300 audit(1707769539.749:477): arch=c00000b7 syscall=211 success=yes exit=2620 a0=3 a1=ffffff6bace0 a2=0 a3=ffff95f766c0 items=0 ppid=3263 pid=6122 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.469597] audit: type=1327 audit(1707769539.749:477): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 201.475082] audit: type=1325 audit(1707769539.766:478): table=nat:137 family=2 entries=198 op=nft_register_rule pid=6122 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 201.480956] audit: type=1300 audit(1707769539.766:478): arch=c00000b7 syscall=211 success=yes exit=66940 a0=3 a1=ffffff6bace0 a2=0 a3=ffff95f766c0 items=0 ppid=3263 pid=6122 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.492933] audit: type=1327 audit(1707769539.766:478): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 203.284801] audit: type=1130 audit(1707769541.588:479): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.16.195:22-147.75.109.163:32808 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 203.464992] audit: type=1101 audit(1707769541.768:480): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.477056] audit: type=1103 audit(1707769541.780:481): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.487485] audit: type=1006 audit(1707769541.780:482): pid=6131 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 208.813460] kauditd_printk_skb: 13 callbacks suppressed [ 208.813465] audit: type=1130 audit(1707769547.116:490): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.16.195:22-147.75.109.163:53680 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 208.995883] audit: type=1101 audit(1707769547.299:491): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.008089] audit: type=1103 audit(1707769547.311:492): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.017752] audit: type=1006 audit(1707769547.311:493): pid=6198 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 209.023774] audit: type=1300 audit(1707769547.311:493): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcb699d80 a2=3 a3=1 items=0 ppid=1 pid=6198 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 209.034375] audit: type=1327 audit(1707769547.311:493): proctitle=737368643A20636F7265205B707269765D [ 209.057944] audit: type=1105 audit(1707769547.360:494): pid=6198 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.071511] audit: type=1103 audit(1707769547.363:495): pid=6201 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.294377] audit: type=1106 audit(1707769547.597:496): pid=6198 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.306134] audit: type=1104 audit(1707769547.599:497): pid=6198 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.318991] kauditd_printk_skb: 1 callbacks suppressed [ 214.318995] audit: type=1130 audit(1707769552.622:499): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.16.195:22-147.75.109.163:53692 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 214.486511] audit: type=1101 audit(1707769552.790:500): pid=6211 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.497255] audit: type=1103 audit(1707769552.792:501): pid=6211 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.507239] audit: type=1006 audit(1707769552.792:502): pid=6211 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 214.513486] audit: type=1300 audit(1707769552.792:502): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffea978c0 a2=3 a3=1 items=0 ppid=1 pid=6211 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 214.526474] audit: type=1327 audit(1707769552.792:502): proctitle=737368643A20636F7265205B707269765D [ 214.553982] audit: type=1105 audit(1707769552.857:503): pid=6211 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.567736] audit: type=1103 audit(1707769552.862:504): pid=6214 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.871975] audit: type=1106 audit(1707769553.175:505): pid=6211 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.889184] audit: type=1104 audit(1707769553.175:506): pid=6211 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 219.898310] kauditd_printk_skb: 1 callbacks suppressed [ 219.898316] audit: type=1130 audit(1707769558.202:508): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.16.195:22-147.75.109.163:58712 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 220.075380] audit: type=1101 audit(1707769558.380:509): pid=6228 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.086042] audit: type=1103 audit(1707769558.381:510): pid=6228 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.096467] audit: type=1006 audit(1707769558.381:511): pid=6228 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 220.102491] audit: type=1300 audit(1707769558.381:511): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcaf1d0c0 a2=3 a3=1 items=0 ppid=1 pid=6228 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 220.114599] audit: type=1327 audit(1707769558.381:511): proctitle=737368643A20636F7265205B707269765D [ 220.150361] audit: type=1105 audit(1707769558.455:512): pid=6228 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.162310] audit: type=1103 audit(1707769558.460:513): pid=6232 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.399386] audit: type=1106 audit(1707769558.704:514): pid=6228 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 220.411952] audit: type=1104 audit(1707769558.705:515): pid=6228 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.421933] kauditd_printk_skb: 1 callbacks suppressed [ 225.421937] audit: type=1130 audit(1707769563.726:517): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-172.31.16.195:22-147.75.109.163:58718 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 225.597507] audit: type=1101 audit(1707769563.902:518): pid=6252 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.607523] audit: type=1103 audit(1707769563.908:519): pid=6252 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.616992] audit: type=1006 audit(1707769563.908:520): pid=6252 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=29 res=1 [ 225.622927] audit: type=1300 audit(1707769563.908:520): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4725e80 a2=3 a3=1 items=0 ppid=1 pid=6252 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 225.634133] audit: type=1327 audit(1707769563.908:520): proctitle=737368643A20636F7265205B707269765D [ 225.645627] audit: type=1105 audit(1707769563.950:521): pid=6252 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.657009] audit: type=1103 audit(1707769563.950:522): pid=6255 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.876386] audit: type=1106 audit(1707769564.181:523): pid=6252 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 225.889765] audit: type=1104 audit(1707769564.181:524): pid=6252 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 230.902202] kauditd_printk_skb: 13 callbacks suppressed [ 230.902218] audit: type=1130 audit(1707769569.207:530): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@29-172.31.16.195:22-147.75.109.163:55942 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 231.084381] audit: type=1101 audit(1707769569.389:531): pid=6357 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 231.100323] audit: type=1103 audit(1707769569.404:532): pid=6357 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 231.112439] audit: type=1006 audit(1707769569.404:533): pid=6357 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=30 res=1 [ 231.120853] audit: type=1300 audit(1707769569.404:533): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc057bbd0 a2=3 a3=1 items=0 ppid=1 pid=6357 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=30 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 231.136211] audit: type=1327 audit(1707769569.404:533): proctitle=737368643A20636F7265205B707269765D [ 231.152125] audit: type=1105 audit(1707769569.456:534): pid=6357 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 231.165097] audit: type=1103 audit(1707769569.457:535): pid=6360 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 231.414123] audit: type=1106 audit(1707769569.719:536): pid=6357 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 231.431262] audit: type=1104 audit(1707769569.719:537): pid=6357 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success'