? terminal=? res=success' [ 55.180009] audit: type=1131 audit(1712946157.208:181): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 55.195743] audit: type=1130 audit(1712946157.211:182): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 55.306636] audit: type=1131 audit(1712946157.347:183): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 61.010320] audit: type=1130 audit(1712946163.052:184): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 61.018349] audit: type=1131 audit(1712946163.052:185): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 61.585120] audit: type=1130 audit(1712946163.628:186): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 62.412959] audit: type=1400 audit(1712946164.456:187): avc: denied { mac_admin } for pid=2406 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.420575] audit: type=1401 audit(1712946164.456:187): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 62.425444] audit: type=1300 audit(1712946164.456:187): arch=c00000b7 syscall=5 success=no exit=-22 a0=4000b4a150 a1=4000a04ee8 a2=4000b4a120 a3=25 items=0 ppid=1 pid=2406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 62.438980] audit: type=1327 audit(1712946164.456:187): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 62.450022] audit: type=1400 audit(1712946164.456:188): avc: denied { mac_admin } for pid=2406 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.458769] audit: type=1401 audit(1712946164.456:188): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 62.464192] audit: type=1300 audit(1712946164.456:188): arch=c00000b7 syscall=5 success=no exit=-22 a0=400067b980 a1=4000a04f00 a2=4000b4a1e0 a3=25 items=0 ppid=1 pid=2406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 71.518225] kauditd_printk_skb: 41 callbacks suppressed [ 71.518229] audit: type=1131 audit(1712946173.563:202): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 71.533115] audit: type=1130 audit(1712946173.574:203): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 71.745575] audit: type=1400 audit(1712946173.790:204): avc: denied { mac_admin } for pid=2860 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 71.761480] audit: type=1401 audit(1712946173.790:204): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 71.775954] audit: type=1300 audit(1712946173.790:204): arch=c00000b7 syscall=5 success=no exit=-22 a0=40007bda10 a1=40006216f8 a2=40007bd9e0 a3=25 items=0 ppid=1 pid=2860 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 71.797551] audit: type=1327 audit(1712946173.790:204): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 71.808251] audit: type=1400 audit(1712946173.791:205): avc: denied { mac_admin } for pid=2860 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 71.820696] audit: type=1401 audit(1712946173.791:205): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 71.825009] audit: type=1300 audit(1712946173.791:205): arch=c00000b7 syscall=5 success=no exit=-22 a0=4000723640 a1=4000621710 a2=40007bdaa0 a3=25 items=0 ppid=1 pid=2860 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 71.837299] audit: type=1327 audit(1712946173.791:205): proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 78.375516] kauditd_printk_skb: 4 callbacks suppressed [ 78.375520] audit: type=1106 audit(1712946180.421:207): pid=1978 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 78.386755] audit: type=1104 audit(1712946180.421:208): pid=1978 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 78.414666] audit: type=1106 audit(1712946180.457:209): pid=1974 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 78.429435] audit: type=1104 audit(1712946180.457:210): pid=1974 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 78.440648] audit: type=1131 audit(1712946180.460:211): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.22.35:22-139.178.89.65:55366 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 85.452054] audit: type=1325 audit(1712946187.498:212): table=mangle:38 family=10 entries=1 op=nft_register_chain pid=3075 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 85.461004] audit: type=1300 audit(1712946187.498:212): arch=c00000b7 syscall=211 success=yes exit=104 a0=3 a1=ffffe5a1a910 a2=0 a3=1 items=0 ppid=3037 pid=3075 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 85.476315] audit: type=1327 audit(1712946187.498:212): proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 85.483584] audit: type=1325 audit(1712946187.503:213): table=mangle:39 family=2 entries=1 op=nft_register_chain pid=3076 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 85.490107] audit: type=1300 audit(1712946187.503:213): arch=c00000b7 syscall=211 success=yes exit=104 a0=3 a1=ffffeb896a30 a2=0 a3=1 items=0 ppid=3037 pid=3076 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 85.501459] audit: type=1327 audit(1712946187.503:213): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 85.507887] audit: type=1325 audit(1712946187.522:214): table=nat:40 family=2 entries=1 op=nft_register_chain pid=3078 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 85.513698] audit: type=1300 audit(1712946187.522:214): arch=c00000b7 syscall=211 success=yes exit=100 a0=3 a1=ffffccc5c840 a2=0 a3=1 items=0 ppid=3037 pid=3078 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 85.525736] audit: type=1327 audit(1712946187.522:214): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 85.531125] audit: type=1325 audit(1712946187.524:215): table=nat:41 family=10 entries=1 op=nft_register_chain pid=3077 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 91.088976] kauditd_printk_skb: 143 callbacks suppressed [ 91.088980] audit: type=1325 audit(1712946193.136:263): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3210 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.097946] audit: type=1300 audit(1712946193.136:263): arch=c00000b7 syscall=211 success=yes exit=5908 a0=3 a1=ffffc4bd1050 a2=0 a3=1 items=0 ppid=3037 pid=3210 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.109791] audit: type=1327 audit(1712946193.136:263): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.116147] audit: type=1325 audit(1712946193.144:264): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3210 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.123603] audit: type=1300 audit(1712946193.144:264): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=ffffc4bd1050 a2=0 a3=1 items=0 ppid=3037 pid=3210 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.136508] audit: type=1327 audit(1712946193.144:264): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.142932] audit: type=1325 audit(1712946193.185:265): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3212 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.149066] audit: type=1300 audit(1712946193.185:265): arch=c00000b7 syscall=211 success=yes exit=5908 a0=3 a1=ffffd49fe950 a2=0 a3=1 items=0 ppid=3037 pid=3212 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.160435] audit: type=1327 audit(1712946193.185:265): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.165914] audit: type=1325 audit(1712946193.186:266): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3212 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.143870] kauditd_printk_skb: 8 callbacks suppressed [ 97.143875] audit: type=1325 audit(1712946199.191:269): table=filter:95 family=2 entries=15 op=nft_register_rule pid=3486 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.151790] audit: type=1300 audit(1712946199.191:269): arch=c00000b7 syscall=211 success=yes exit=5164 a0=3 a1=ffffd1af6a40 a2=0 a3=1 items=0 ppid=3037 pid=3486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 97.163525] audit: type=1327 audit(1712946199.191:269): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 97.169005] audit: type=1325 audit(1712946199.193:270): table=nat:96 family=2 entries=19 op=nft_register_chain pid=3486 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.174737] audit: type=1300 audit(1712946199.193:270): arch=c00000b7 syscall=211 success=yes exit=6276 a0=3 a1=ffffd1af6a40 a2=0 a3=1 items=0 ppid=3037 pid=3486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 97.186632] audit: type=1327 audit(1712946199.193:270): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.795238] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 111.798195] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 113.745886] audit: type=1400 audit(1712946215.795:271): avc: denied { write } for pid=3914 comm="tee" name="fd" dev="proc" ino=20123 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 113.757309] audit: type=1400 audit(1712946215.805:272): avc: denied { write } for pid=3903 comm="tee" name="fd" dev="proc" ino=20126 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 113.767284] audit: type=1300 audit(1712946215.805:272): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffefb4b984 a2=241 a3=1b6 items=1 ppid=3875 pid=3903 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 113.782297] audit: type=1307 audit(1712946215.805:272): cwd="/etc/service/enabled/bird/log" [ 113.788524] audit: type=1302 audit(1712946215.805:272): item=0 name="/dev/fd/63" inode=20111 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 113.808326] audit: type=1327 audit(1712946215.805:272): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 113.817020] audit: type=1300 audit(1712946215.795:271): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=fffff6499983 a2=241 a3=1b6 items=1 ppid=3882 pid=3914 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 113.828651] audit: type=1307 audit(1712946215.795:271): cwd="/etc/service/enabled/bird6/log" [ 113.831890] audit: type=1302 audit(1712946215.795:271): item=0 name="/dev/fd/63" inode=20689 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 113.851413] audit: type=1327 audit(1712946215.795:271): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 115.588870] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 115.591412] IPv6: ADDRCONF(NETDEV_CHANGE): cali0489a6ab95b: link becomes ready [ 115.754830] IPv6: ADDRCONF(NETDEV_CHANGE): calibd0c92656ba: link becomes ready This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:23:38 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:23:40 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: [ 118.430069] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 118.432585] IPv6: ADDRCONF(NETDEV_CHANGE): cali6eff3c53745: link becomes ready This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:23:41 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: [ 119.345503] kauditd_printk_skb: 139 callbacks suppressed [ 119.345518] audit: type=1325 audit(1712946221.395:305): table=filter:108 family=2 entries=8 op=nft_register_rule pid=4492 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 119.353927] audit: type=1300 audit(1712946221.395:305): arch=c00000b7 syscall=211 success=yes exit=2932 a0=3 a1=fffff491e8a0 a2=0 a3=1 items=0 ppid=3037 pid=4492 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 119.370116] audit: type=1327 audit(1712946221.395:305): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 119.391783] audit: type=1325 audit(1712946221.441:306): table=nat:109 family=2 entries=56 op=nft_register_chain pid=4492 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 119.401442] audit: type=1300 audit(1712946221.441:306): arch=c00000b7 syscall=211 success=yes exit=19860 a0=3 a1=fffff491e8a0 a2=0 a3=1 items=0 ppid=3037 pid=4492 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 119.415562] audit: type=1327 audit(1712946221.441:306): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 120.396118] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 120.398549] IPv6: ADDRCONF(NETDEV_CHANGE): calicc84cd9e092: link becomes ready [ 120.499599] audit: type=1325 audit(1712946222.548:307): table=filter:110 family=2 entries=42 op=nft_register_chain pid=4582 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 120.508925] audit: type=1300 audit(1712946222.548:307): arch=c00000b7 syscall=211 success=yes exit=21016 a0=3 a1=ffffead09d60 a2=0 a3=ffff9518cfa8 items=0 ppid=3887 pid=4582 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 120.534882] audit: type=1327 audit(1712946222.548:307): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:23:43 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:23:45 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: [ 125.476311] audit: type=1130 audit(1712946227.524:308): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.22.35:22-139.178.89.65:58936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 125.659184] audit: type=1101 audit(1712946227.707:309): pid=4691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.670951] audit: type=1103 audit(1712946227.709:310): pid=4691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.688971] audit: type=1006 audit(1712946227.709:311): pid=4691 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 125.698941] audit: type=1300 audit(1712946227.709:311): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff91564e0 a2=3 a3=1 items=0 ppid=1 pid=4691 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.718803] audit: type=1327 audit(1712946227.709:311): proctitle=737368643A20636F7265205B707269765D [ 125.723315] audit: type=1105 audit(1712946227.770:312): pid=4691 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.734878] audit: type=1103 audit(1712946227.771:313): pid=4696 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 126.061707] audit: type=1106 audit(1712946228.108:314): pid=4691 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 126.073397] audit: type=1104 audit(1712946228.108:315): pid=4691 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.086000] kauditd_printk_skb: 1 callbacks suppressed [ 131.086006] audit: type=1130 audit(1712946233.134:317): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.22.35:22-139.178.89.65:58944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 131.262631] audit: type=1101 audit(1712946233.310:318): pid=4709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.272905] audit: type=1103 audit(1712946233.313:319): pid=4709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.282885] audit: type=1006 audit(1712946233.313:320): pid=4709 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 131.288898] audit: type=1300 audit(1712946233.313:320): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffdd428680 a2=3 a3=1 items=0 ppid=1 pid=4709 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 131.302388] audit: type=1327 audit(1712946233.313:320): proctitle=737368643A20636F7265205B707269765D [ 131.314573] audit: type=1105 audit(1712946233.362:321): pid=4709 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.326628] audit: type=1103 audit(1712946233.374:322): pid=4712 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.595789] audit: type=1106 audit(1712946233.643:323): pid=4709 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.607835] audit: type=1104 audit(1712946233.644:324): pid=4709 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.618010] kauditd_printk_skb: 1 callbacks suppressed [ 136.618015] audit: type=1130 audit(1712946238.666:326): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.22.35:22-139.178.89.65:43766 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 136.798354] audit: type=1101 audit(1712946238.846:327): pid=4951 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.808690] audit: type=1103 audit(1712946238.849:328): pid=4951 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.818635] audit: type=1006 audit(1712946238.849:329): pid=4951 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 136.825925] audit: type=1300 audit(1712946238.849:329): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff0fb2500 a2=3 a3=1 items=0 ppid=1 pid=4951 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 136.836282] audit: type=1327 audit(1712946238.849:329): proctitle=737368643A20636F7265205B707269765D [ 136.853720] audit: type=1105 audit(1712946238.900:330): pid=4951 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.866150] audit: type=1103 audit(1712946238.913:331): pid=4954 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 137.118623] audit: type=1106 audit(1712946239.166:332): pid=4951 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 137.130338] audit: type=1104 audit(1712946239.167:333): pid=4951 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.142268] kauditd_printk_skb: 1 callbacks suppressed [ 142.142272] audit: type=1130 audit(1712946244.190:335): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.22.35:22-139.178.89.65:43770 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 142.314436] audit: type=1101 audit(1712946244.362:336): pid=4988 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.327088] audit: type=1103 audit(1712946244.374:337): pid=4988 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.336707] audit: type=1006 audit(1712946244.374:338): pid=4988 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 142.342844] audit: type=1300 audit(1712946244.374:338): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd25db980 a2=3 a3=1 items=0 ppid=1 pid=4988 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.353430] audit: type=1327 audit(1712946244.374:338): proctitle=737368643A20636F7265205B707269765D [ 142.376213] audit: type=1105 audit(1712946244.424:339): pid=4988 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.388593] audit: type=1103 audit(1712946244.436:340): pid=4991 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.663881] audit: type=1106 audit(1712946244.711:341): pid=4988 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.681539] audit: type=1104 audit(1712946244.712:342): pid=4988 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.325359] kauditd_printk_skb: 23 callbacks suppressed [ 150.325364] audit: type=1130 audit(1712946252.373:362): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.22.35:22-139.178.89.65:45734 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 150.501081] audit: type=1101 audit(1712946252.548:363): pid=5056 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.512748] audit: type=1103 audit(1712946252.560:364): pid=5056 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.523034] audit: type=1006 audit(1712946252.561:365): pid=5056 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 150.528910] audit: type=1300 audit(1712946252.561:365): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe14bf110 a2=3 a3=1 items=0 ppid=1 pid=5056 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 150.539359] audit: type=1327 audit(1712946252.561:365): proctitle=737368643A20636F7265205B707269765D [ 150.562722] audit: type=1105 audit(1712946252.610:366): pid=5056 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.574887] audit: type=1103 audit(1712946252.613:367): pid=5059 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.804777] audit: type=1106 audit(1712946252.852:368): pid=5056 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.817577] audit: type=1104 audit(1712946252.854:369): pid=5056 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 155.829589] kauditd_printk_skb: 1 callbacks suppressed [ 155.829594] audit: type=1130 audit(1712946257.877:371): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.22.35:22-139.178.89.65:42764 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 156.025016] audit: type=1101 audit(1712946258.072:372): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.048484] audit: type=1103 audit(1712946258.074:373): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.060554] audit: type=1006 audit(1712946258.075:374): pid=5076 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 156.068963] audit: type=1300 audit(1712946258.075:374): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd46bf5c0 a2=3 a3=1 items=0 ppid=1 pid=5076 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 156.079627] audit: type=1327 audit(1712946258.075:374): proctitle=737368643A20636F7265205B707269765D [ 156.089666] audit: type=1105 audit(1712946258.135:375): pid=5076 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.102565] audit: type=1103 audit(1712946258.137:376): pid=5079 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.372721] audit: type=1106 audit(1712946258.418:377): pid=5076 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.395060] audit: type=1104 audit(1712946258.419:378): pid=5076 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.394528] kauditd_printk_skb: 1 callbacks suppressed [ 161.394532] audit: type=1130 audit(1712946263.442:380): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.22.35:22-139.178.89.65:42772 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 161.582586] audit: type=1101 audit(1712946263.630:381): pid=5095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.593016] audit: type=1103 audit(1712946263.632:382): pid=5095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.607744] audit: type=1006 audit(1712946263.632:383): pid=5095 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 161.615162] audit: type=1300 audit(1712946263.632:383): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd667b930 a2=3 a3=1 items=0 ppid=1 pid=5095 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 161.627015] audit: type=1327 audit(1712946263.632:383): proctitle=737368643A20636F7265205B707269765D [ 161.633804] audit: type=1105 audit(1712946263.675:384): pid=5095 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.644794] audit: type=1103 audit(1712946263.680:385): pid=5098 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.877446] audit: type=1106 audit(1712946263.925:386): pid=5095 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.890314] audit: type=1104 audit(1712946263.926:387): pid=5095 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.902309] kauditd_printk_skb: 1 callbacks suppressed [ 166.902314] audit: type=1130 audit(1712946268.950:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.22.35:22-139.178.89.65:44908 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 167.080428] audit: type=1101 audit(1712946269.128:390): pid=5129 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.092995] audit: type=1103 audit(1712946269.140:391): pid=5129 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.102971] audit: type=1006 audit(1712946269.140:392): pid=5129 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 167.109129] audit: type=1300 audit(1712946269.140:392): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe1290860 a2=3 a3=1 items=0 ppid=1 pid=5129 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.119193] audit: type=1327 audit(1712946269.140:392): proctitle=737368643A20636F7265205B707269765D [ 167.140311] audit: type=1105 audit(1712946269.188:393): pid=5129 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.151850] audit: type=1103 audit(1712946269.191:394): pid=5132 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.394185] audit: type=1106 audit(1712946269.442:395): pid=5129 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.409270] audit: type=1104 audit(1712946269.442:396): pid=5129 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.340655] kauditd_printk_skb: 57 callbacks suppressed [ 176.340661] audit: type=1130 audit(1712946278.388:438): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.22.35:22-139.178.89.65:41596 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 176.511428] audit: type=1101 audit(1712946278.559:439): pid=5225 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.525282] audit: type=1103 audit(1712946278.573:440): pid=5225 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.535125] audit: type=1006 audit(1712946278.573:441): pid=5225 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 176.541986] audit: type=1300 audit(1712946278.573:441): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4caefb0 a2=3 a3=1 items=0 ppid=1 pid=5225 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 176.552545] audit: type=1327 audit(1712946278.573:441): proctitle=737368643A20636F7265205B707269765D [ 176.574897] audit: type=1105 audit(1712946278.622:442): pid=5225 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.586598] audit: type=1103 audit(1712946278.634:443): pid=5228 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.825470] audit: type=1106 audit(1712946278.873:444): pid=5225 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.836947] audit: type=1104 audit(1712946278.876:445): pid=5225 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.850434] kauditd_printk_skb: 7 callbacks suppressed [ 181.850438] audit: type=1130 audit(1712946283.898:449): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.22.35:22-139.178.89.65:41598 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 182.032008] audit: type=1101 audit(1712946284.080:450): pid=5246 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.042124] audit: type=1103 audit(1712946284.083:451): pid=5246 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.052019] audit: type=1006 audit(1712946284.083:452): pid=5246 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 182.058046] audit: type=1300 audit(1712946284.083:452): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffde664130 a2=3 a3=1 items=0 ppid=1 pid=5246 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 182.068100] audit: type=1327 audit(1712946284.083:452): proctitle=737368643A20636F7265205B707269765D [ 182.089621] audit: type=1105 audit(1712946284.137:453): pid=5246 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.100819] audit: type=1103 audit(1712946284.138:454): pid=5249 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.343264] audit: type=1106 audit(1712946284.389:455): pid=5246 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.354503] audit: type=1104 audit(1712946284.389:456): pid=5246 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.912277] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 185.914650] IPv6: ADDRCONF(NETDEV_CHANGE): cali596ff5b7624: link becomes ready [ 187.366306] kauditd_printk_skb: 16 callbacks suppressed [ 187.366312] audit: type=1130 audit(1712946289.414:463): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.22.35:22-139.178.89.65:47794 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 187.616055] audit: type=1101 audit(1712946289.664:464): pid=5342 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 187.629912] audit: type=1103 audit(1712946289.678:465): pid=5342 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 187.641721] audit: type=1006 audit(1712946289.678:466): pid=5342 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 187.649185] audit: type=1300 audit(1712946289.678:466): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe152ce90 a2=3 a3=1 items=0 ppid=1 pid=5342 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 187.674742] audit: type=1327 audit(1712946289.678:466): proctitle=737368643A20636F7265205B707269765D [ 187.682557] audit: type=1105 audit(1712946289.708:467): pid=5342 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 187.700160] audit: type=1103 audit(1712946289.711:468): pid=5345 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 188.030656] audit: type=1106 audit(1712946290.079:469): pid=5342 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 188.050537] audit: type=1104 audit(1712946290.079:470): pid=5342 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' This is ip-172-31-22-35 (Linux aarch64 5.15.154-flatcar) 18:24:50 SSH host key: SHA256:/nKdFqVtmLz0d1GEGj9cWcucJl5DdmBNYGdPquE+gFQ (ED25519) SSH host key: SHA256:gflg2Yc6J5GmPO8r1hQz0VFGumJhohv3GYFAmUeqyEM (RSA) SSH host key: SHA256:86to42WGbRr2PIZ2/M5VIg65Ksl4kuNf/m48mH6cHNk (ECDSA) eth0: 172.31.22.35 fe80::4f4:6ff:fe91:999f ip-172-31-22-35 login: [ 193.053080] kauditd_printk_skb: 13 callbacks suppressed [ 193.053085] audit: type=1130 audit(1712946295.101:476): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.22.35:22-139.178.89.65:47802 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 193.245702] audit: type=1101 audit(1712946295.294:477): pid=5428 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.256575] audit: type=1103 audit(1712946295.304:478): pid=5428 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.268982] audit: type=1006 audit(1712946295.304:479): pid=5428 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 193.274980] audit: type=1300 audit(1712946295.304:479): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffded28cb0 a2=3 a3=1 items=0 ppid=1 pid=5428 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 193.285502] audit: type=1327 audit(1712946295.304:479): proctitle=737368643A20636F7265205B707269765D [ 193.310732] audit: type=1105 audit(1712946295.358:480): pid=5428 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.322950] audit: type=1103 audit(1712946295.359:481): pid=5431 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.556628] audit: type=1106 audit(1712946295.605:482): pid=5428 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.568746] audit: type=1104 audit(1712946295.605:483): pid=5428 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 198.581811] kauditd_printk_skb: 1 callbacks suppressed [ 198.581816] audit: type=1130 audit(1712946300.630:485): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.22.35:22-139.178.89.65:52330 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 198.751411] audit: type=1101 audit(1712946300.800:486): pid=5449 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 198.761722] audit: type=1103 audit(1712946300.802:487): pid=5449 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 198.771610] audit: type=1006 audit(1712946300.802:488): pid=5449 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 198.778210] audit: type=1300 audit(1712946300.802:488): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc79ef450 a2=3 a3=1 items=0 ppid=1 pid=5449 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 198.790115] audit: type=1327 audit(1712946300.802:488): proctitle=737368643A20636F7265205B707269765D [ 198.800016] audit: type=1105 audit(1712946300.846:489): pid=5449 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 198.812057] audit: type=1103 audit(1712946300.860:490): pid=5452 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 199.049210] audit: type=1106 audit(1712946301.097:491): pid=5449 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 199.060828] audit: type=1104 audit(1712946301.099:492): pid=5449 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.076180] kauditd_printk_skb: 1 callbacks suppressed [ 204.076186] audit: type=1130 audit(1712946306.124:494): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.22.35:22-139.178.89.65:52338 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 204.267349] audit: type=1101 audit(1712946306.316:495): pid=5488 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.278413] audit: type=1103 audit(1712946306.319:496): pid=5488 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.290957] audit: type=1006 audit(1712946306.319:497): pid=5488 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 204.297166] audit: type=1300 audit(1712946306.319:497): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff089b5c0 a2=3 a3=1 items=0 ppid=1 pid=5488 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 204.310108] audit: type=1327 audit(1712946306.319:497): proctitle=737368643A20636F7265205B707269765D [ 204.326664] audit: type=1105 audit(1712946306.375:498): pid=5488 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.341308] audit: type=1103 audit(1712946306.389:499): pid=5492 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.587413] audit: type=1106 audit(1712946306.636:500): pid=5488 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.599339] audit: type=1104 audit(1712946306.636:501): pid=5488 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 209.615324] kauditd_printk_skb: 1 callbacks suppressed [ 209.615328] audit: type=1130 audit(1712946311.665:503): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.22.35:22-139.178.89.65:41378 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 209.793956] audit: type=1101 audit(1712946311.843:504): pid=5536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 209.806070] audit: type=1103 audit(1712946311.855:505): pid=5536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 209.815816] audit: type=1006 audit(1712946311.855:506): pid=5536 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 209.821840] audit: type=1300 audit(1712946311.855:506): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffb770050 a2=3 a3=1 items=0 ppid=1 pid=5536 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 209.832465] audit: type=1327 audit(1712946311.855:506): proctitle=737368643A20636F7265205B707269765D [ 209.854174] audit: type=1105 audit(1712946311.904:507): pid=5536 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 209.871123] audit: type=1103 audit(1712946311.915:508): pid=5539 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 210.123878] audit: type=1106 audit(1712946312.173:509): pid=5536 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 210.138305] audit: type=1104 audit(1712946312.174:510): pid=5536 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 215.901685] kauditd_printk_skb: 1 callbacks suppressed [ 215.901689] audit: type=1325 audit(1712946317.950:512): table=filter:126 family=2 entries=9 op=nft_register_rule pid=5575 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 215.910806] audit: type=1300 audit(1712946317.950:512): arch=c00000b7 syscall=211 success=yes exit=2932 a0=3 a1=ffffcbef05d0 a2=0 a3=1 items=0 ppid=3037 pid=5575 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 215.926168] audit: type=1327 audit(1712946317.950:512): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 215.931725] audit: type=1325 audit(1712946317.974:513): table=nat:127 family=2 entries=51 op=nft_register_chain pid=5575 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 215.939045] audit: type=1300 audit(1712946317.974:513): arch=c00000b7 syscall=211 success=yes exit=18564 a0=3 a1=ffffcbef05d0 a2=0 a3=1 items=0 ppid=3037 pid=5575 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 215.950942] audit: type=1327 audit(1712946317.974:513): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273