rnel_t:s0 key=(null) [ 27.039072] audit: type=1327 audit(1746838167.087:159): proctitle=2F7362696E2F617564697463746C002D44 [ 27.040585] audit: type=1131 audit(1746838167.088:160): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.060904] audit: type=1130 audit(1746838167.116:161): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.065934] audit: type=1106 audit(1746838167.121:162): pid=2030 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 27.069889] audit: type=1104 audit(1746838167.121:163): pid=2030 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 27.093654] audit: type=1106 audit(1746838167.149:164): pid=2026 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 27.102673] audit: type=1104 audit(1746838167.149:165): pid=2026 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 27.111127] audit: type=1131 audit(1746838167.157:166): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.21.73:22-139.178.89.65:48972 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.898200] Initializing XFRM netlink socket This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:49:29 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 38.600636] kauditd_printk_skb: 88 callbacks suppressed [ 38.600640] audit: type=1130 audit(1746838178.654:205): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 38.605225] audit: type=1131 audit(1746838178.654:206): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 38.769145] audit: type=1130 audit(1746838178.825:207): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 38.832680] audit: type=1131 audit(1746838178.888:208): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 45.233653] audit: type=1130 audit(1746838185.289:209): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 45.236886] audit: type=1131 audit(1746838185.292:210): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 45.678312] audit: type=1130 audit(1746838185.734:211): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 45.944582] audit: type=1131 audit(1746838186.000:212): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 46.178684] audit: type=1130 audit(1746838186.233:213): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 46.661475] audit: type=1400 audit(1746838186.717:214): avc: denied { mac_admin } for pid=2423 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 46.671820] audit: type=1401 audit(1746838186.717:214): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 46.678008] audit: type=1300 audit(1746838186.717:214): arch=c000003e syscall=188 success=no exit=-22 a0=c000839470 a1=c0007fabb8 a2=c000839440 a3=25 items=0 ppid=1 pid=2423 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 46.688511] audit: type=1327 audit(1746838186.717:214): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 46.707676] audit: type=1400 audit(1746838186.717:215): avc: denied { mac_admin } for pid=2423 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 53.513608] kauditd_printk_skb: 43 callbacks suppressed [ 53.513612] audit: type=1131 audit(1746838193.568:229): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 54.485647] audit: type=1130 audit(1746838194.540:230): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 54.660213] audit: type=1400 audit(1746838194.715:231): avc: denied { mac_admin } for pid=2789 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 54.674450] audit: type=1401 audit(1746838194.715:231): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 54.690507] audit: type=1300 audit(1746838194.715:231): arch=c000003e syscall=188 success=no exit=-22 a0=c000c50fc0 a1=c000b59848 a2=c000c50f90 a3=25 items=0 ppid=1 pid=2789 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.705277] audit: type=1327 audit(1746838194.715:231): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 54.725650] audit: type=1400 audit(1746838194.744:232): avc: denied { mac_admin } for pid=2789 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 54.753037] audit: type=1401 audit(1746838194.744:232): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 54.760386] audit: type=1300 audit(1746838194.744:232): arch=c000003e syscall=188 success=no exit=-22 a0=c000b6d8e0 a1=c000b59ab8 a2=c000c51d40 a3=25 items=0 ppid=1 pid=2789 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.774991] audit: type=1327 audit(1746838194.744:232): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 60.442185] kauditd_printk_skb: 4 callbacks suppressed [ 60.442188] audit: type=1106 audit(1746838200.497:234): pid=2063 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 60.452951] audit: type=1104 audit(1746838200.497:235): pid=2063 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 60.486008] audit: type=1106 audit(1746838200.540:236): pid=2059 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 60.497199] audit: type=1104 audit(1746838200.540:237): pid=2059 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 60.505276] audit: type=1131 audit(1746838200.541:238): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.21.73:22-139.178.89.65:48974 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 68.046733] audit: type=1325 audit(1746838208.102:239): table=mangle:38 family=2 entries=1 op=nft_register_chain pid=3104 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 68.051069] audit: type=1300 audit(1746838208.102:239): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffc82d03da0 a2=0 a3=7ffc82d03d8c items=0 ppid=3020 pid=3104 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.059776] audit: type=1327 audit(1746838208.102:239): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 68.063775] audit: type=1325 audit(1746838208.102:240): table=nat:39 family=2 entries=1 op=nft_register_chain pid=3105 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 68.067689] audit: type=1300 audit(1746838208.102:240): arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffeb6bb41c0 a2=0 a3=7ffeb6bb41ac items=0 ppid=3020 pid=3105 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.075662] audit: type=1327 audit(1746838208.102:240): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 68.079577] audit: type=1325 audit(1746838208.102:241): table=filter:40 family=2 entries=1 op=nft_register_chain pid=3106 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 68.083505] audit: type=1300 audit(1746838208.102:241): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7fffdcf741e0 a2=0 a3=7fffdcf741cc items=0 ppid=3020 pid=3106 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.091838] audit: type=1327 audit(1746838208.102:241): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 [ 68.097089] audit: type=1325 audit(1746838208.102:242): table=mangle:41 family=10 entries=1 op=nft_register_chain pid=3107 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 78.282785] kauditd_printk_skb: 143 callbacks suppressed [ 78.282788] audit: type=1325 audit(1746838218.338:290): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3239 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 78.298869] audit: type=1300 audit(1746838218.338:290): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffffb20e960 a2=0 a3=7ffffb20e94c items=0 ppid=3020 pid=3239 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 78.309339] audit: type=1327 audit(1746838218.338:290): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 78.323543] audit: type=1325 audit(1746838218.355:291): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3239 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 78.328184] audit: type=1300 audit(1746838218.355:291): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffffb20e960 a2=0 a3=0 items=0 ppid=3020 pid=3239 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 78.336724] audit: type=1327 audit(1746838218.355:291): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 78.341449] audit: type=1325 audit(1746838218.393:292): table=filter:91 family=2 entries=17 op=nft_register_rule pid=3241 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 78.345941] audit: type=1300 audit(1746838218.393:292): arch=c000003e syscall=46 success=yes exit=6652 a0=3 a1=7ffd8704c1c0 a2=0 a3=7ffd8704c1ac items=0 ppid=3020 pid=3241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 78.354641] audit: type=1327 audit(1746838218.393:292): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 78.358944] audit: type=1325 audit(1746838218.402:293): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3241 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 87.475140] kauditd_printk_skb: 8 callbacks suppressed [ 87.475143] audit: type=1325 audit(1746838227.530:296): table=filter:95 family=2 entries=17 op=nft_register_rule pid=3512 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 87.482913] audit: type=1300 audit(1746838227.530:296): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffe770c0f90 a2=0 a3=7ffe770c0f7c items=0 ppid=3020 pid=3512 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 87.494621] audit: type=1327 audit(1746838227.530:296): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 87.502428] audit: type=1325 audit(1746838227.556:297): table=nat:96 family=2 entries=19 op=nft_register_chain pid=3512 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 87.509379] audit: type=1300 audit(1746838227.556:297): arch=c000003e syscall=46 success=yes exit=6276 a0=3 a1=7ffe770c0f90 a2=0 a3=7ffe770c0f7c items=0 ppid=3020 pid=3512 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 87.522472] audit: type=1327 audit(1746838227.556:297): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 99.635797] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 99.637796] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 99.715815] audit: type=1130 audit(1746838239.771:298): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.21.73:22-139.178.89.65:57190 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 99.917139] audit: type=1101 audit(1746838239.970:299): pid=4002 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 99.925666] audit: type=1103 audit(1746838239.972:300): pid=4002 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 99.932406] audit: type=1006 audit(1746838239.972:301): pid=4002 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 99.938178] audit: type=1300 audit(1746838239.972:301): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff80ee4260 a2=3 a3=0 items=0 ppid=1 pid=4002 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 99.948832] audit: type=1327 audit(1746838239.972:301): proctitle=737368643A20636F7265205B707269765D [ 99.977750] audit: type=1105 audit(1746838240.032:302): pid=4002 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 99.993177] audit: type=1103 audit(1746838240.037:303): pid=4012 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 100.505850] audit: type=1106 audit(1746838240.561:304): pid=4002 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 100.517041] audit: type=1104 audit(1746838240.561:305): pid=4002 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:42 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 103.404764] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 103.405817] IPv6: ADDRCONF(NETDEV_CHANGE): cali7f83015a277: link becomes ready This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:44 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 105.345849] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 105.346959] IPv6: ADDRCONF(NETDEV_CHANGE): cali5753cb02631: link becomes ready [ 105.395002] kauditd_printk_skb: 519 callbacks suppressed [ 105.395006] audit: type=1325 audit(1746838245.450:410): table=filter:102 family=2 entries=38 op=nft_register_chain pid=4500 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 105.398457] audit: type=1300 audit(1746838245.450:410): arch=c000003e syscall=46 success=yes exit=20336 a0=3 a1=7ffc15f271e0 a2=0 a3=7ffc15f271cc items=0 ppid=4056 pid=4500 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.407499] audit: type=1327 audit(1746838245.450:410): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 105.501507] IPv6: ADDRCONF(NETDEV_CHANGE): calid29a21f6985: link becomes ready [ 105.532386] audit: type=1130 audit(1746838245.587:411): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.21.73:22-139.178.89.65:57204 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 105.556666] audit: type=1325 audit(1746838245.611:412): table=filter:103 family=2 entries=34 op=nft_register_chain pid=4546 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 105.559329] audit: type=1300 audit(1746838245.611:412): arch=c000003e syscall=46 success=yes exit=18220 a0=3 a1=7fff9be02490 a2=0 a3=7fff9be0247c items=0 ppid=4056 pid=4546 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.564886] audit: type=1327 audit(1746838245.611:412): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 105.764417] audit: type=1101 audit(1746838245.819:413): pid=4544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 105.773213] audit: type=1103 audit(1746838245.828:414): pid=4544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 105.788148] audit: type=1006 audit(1746838245.838:415): pid=4544 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:45 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 106.680643] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 106.683398] IPv6: ADDRCONF(NETDEV_CHANGE): cali0e3cb83e7f6: link becomes ready [ 107.638789] IPv6: ADDRCONF(NETDEV_CHANGE): calide6810cd12d: link becomes ready [ 107.726744] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 107.727876] IPv6: ADDRCONF(NETDEV_CHANGE): cali3abe9943ff7: link becomes ready [ 107.817757] IPv6: ADDRCONF(NETDEV_CHANGE): cali3331cb3267a: link becomes ready This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:47 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:48 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:49 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:50 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 111.641368] kauditd_printk_skb: 55 callbacks suppressed [ 111.641371] audit: type=1130 audit(1746838251.696:437): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.21.73:22-139.178.89.65:48224 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 111.768505] audit: type=1325 audit(1746838251.823:438): table=filter:120 family=2 entries=9 op=nft_register_rule pid=5264 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.780664] audit: type=1300 audit(1746838251.823:438): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffc7f9ded80 a2=0 a3=7ffc7f9ded6c items=0 ppid=3020 pid=5264 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.786765] audit: type=1327 audit(1746838251.823:438): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.792598] audit: type=1325 audit(1746838251.845:439): table=nat:121 family=2 entries=27 op=nft_register_chain pid=5264 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.795384] audit: type=1300 audit(1746838251.845:439): arch=c000003e syscall=46 success=yes exit=9348 a0=3 a1=7ffc7f9ded80 a2=0 a3=7ffc7f9ded6c items=0 ppid=3020 pid=5264 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.801502] audit: type=1327 audit(1746838251.845:439): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.909386] audit: type=1101 audit(1746838251.964:440): pid=5261 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 111.918260] audit: type=1103 audit(1746838251.973:441): pid=5261 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 111.925903] audit: type=1006 audit(1746838251.981:442): pid=5261 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 117.218604] kauditd_printk_skb: 29 callbacks suppressed [ 117.218607] audit: type=1325 audit(1746838257.273:466): table=filter:122 family=2 entries=8 op=nft_register_rule pid=5644 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 117.227632] audit: type=1300 audit(1746838257.273:466): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffd9b0fdb30 a2=0 a3=7ffd9b0fdb1c items=0 ppid=3020 pid=5644 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.248975] audit: type=1327 audit(1746838257.273:466): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 117.256771] audit: type=1325 audit(1746838257.298:467): table=nat:123 family=2 entries=34 op=nft_register_chain pid=5644 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 117.266192] audit: type=1300 audit(1746838257.298:467): arch=c000003e syscall=46 success=yes exit=11236 a0=3 a1=7ffd9b0fdb30 a2=0 a3=7ffd9b0fdb1c items=0 ppid=3020 pid=5644 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.280241] audit: type=1327 audit(1746838257.298:467): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 117.287003] audit: type=1325 audit(1746838257.335:468): table=filter:124 family=2 entries=8 op=nft_register_rule pid=5657 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 117.299843] audit: type=1300 audit(1746838257.335:468): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffcc1e0bf90 a2=0 a3=7ffcc1e0bf7c items=0 ppid=3020 pid=5657 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.312865] audit: type=1327 audit(1746838257.335:468): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 117.321434] audit: type=1325 audit(1746838257.354:469): table=nat:125 family=2 entries=36 op=nft_register_rule pid=5657 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:50:58 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 125.329325] kauditd_printk_skb: 31 callbacks suppressed [ 125.329327] audit: type=1130 audit(1746838265.385:485): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.21.73:22-139.178.89.65:53012 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 125.395670] audit: type=1325 audit(1746838265.451:486): table=filter:132 family=2 entries=8 op=nft_register_rule pid=5940 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 125.398118] audit: type=1300 audit(1746838265.451:486): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffd7a331600 a2=0 a3=7ffd7a3315ec items=0 ppid=3020 pid=5940 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.413346] audit: type=1327 audit(1746838265.451:486): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 125.419248] audit: type=1325 audit(1746838265.473:487): table=nat:133 family=2 entries=40 op=nft_register_chain pid=5940 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 125.421669] audit: type=1300 audit(1746838265.473:487): arch=c000003e syscall=46 success=yes exit=13124 a0=3 a1=7ffd7a331600 a2=0 a3=7ffd7a3315ec items=0 ppid=3020 pid=5940 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.443599] audit: type=1327 audit(1746838265.473:487): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 125.448756] audit: type=1325 audit(1746838265.501:488): table=filter:134 family=2 entries=8 op=nft_register_rule pid=5948 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 125.451155] audit: type=1300 audit(1746838265.501:488): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffdcab07ea0 a2=0 a3=7ffdcab07e8c items=0 ppid=3020 pid=5948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.466755] audit: type=1327 audit(1746838265.501:488): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:51:06 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 130.815825] kauditd_printk_skb: 25 callbacks suppressed [ 130.815827] audit: type=1130 audit(1746838270.871:502): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.21.73:22-139.178.89.65:50724 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 130.977157] audit: type=1101 audit(1746838271.032:503): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.981994] audit: type=1103 audit(1746838271.037:504): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.986223] audit: type=1006 audit(1746838271.037:505): pid=6064 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 130.988587] audit: type=1300 audit(1746838271.037:505): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee649bdb0 a2=3 a3=0 items=0 ppid=1 pid=6064 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 130.992694] audit: type=1327 audit(1746838271.037:505): proctitle=737368643A20636F7265205B707269765D [ 131.001924] audit: type=1105 audit(1746838271.057:506): pid=6064 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.006801] audit: type=1103 audit(1746838271.057:507): pid=6067 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.195375] audit: type=1106 audit(1746838271.251:508): pid=6064 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.203118] audit: type=1104 audit(1746838271.251:509): pid=6064 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.218959] kauditd_printk_skb: 1 callbacks suppressed [ 136.218963] audit: type=1130 audit(1746838276.274:511): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.21.73:22-139.178.89.65:50730 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 136.430516] audit: type=1101 audit(1746838276.486:512): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.439376] audit: type=1103 audit(1746838276.495:513): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.446255] audit: type=1006 audit(1746838276.495:514): pid=6119 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 136.450320] audit: type=1300 audit(1746838276.495:514): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcb37ebf70 a2=3 a3=0 items=0 ppid=1 pid=6119 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 136.458106] audit: type=1327 audit(1746838276.495:514): proctitle=737368643A20636F7265205B707269765D [ 136.463495] audit: type=1105 audit(1746838276.519:515): pid=6119 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.471469] audit: type=1103 audit(1746838276.520:516): pid=6122 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.773843] audit: type=1106 audit(1746838276.829:517): pid=6119 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.782084] audit: type=1104 audit(1746838276.829:518): pid=6119 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.223356] kauditd_printk_skb: 32 callbacks suppressed [ 141.223359] audit: type=1106 audit(1746838281.280:539): pid=6143 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.233857] audit: type=1325 audit(1746838281.280:540): table=filter:144 family=2 entries=46 op=nft_register_rule pid=6256 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 141.237450] audit: type=1300 audit(1746838281.280:540): arch=c000003e syscall=46 success=yes exit=6840 a0=3 a1=7fff60389790 a2=0 a3=7fff6038977c items=0 ppid=4056 pid=6256 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.248861] audit: type=1327 audit(1746838281.280:540): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 141.260398] audit: type=1325 audit(1746838281.281:541): table=filter:145 family=2 entries=6 op=nft_unregister_chain pid=6256 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 141.264288] audit: type=1300 audit(1746838281.281:541): arch=c000003e syscall=46 success=yes exit=848 a0=3 a1=7fff60389790 a2=0 a3=56205342f000 items=0 ppid=4056 pid=6256 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.270105] audit: type=1327 audit(1746838281.281:541): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 141.273638] audit: type=1104 audit(1746838281.288:542): pid=6143 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.278953] audit: type=1130 audit(1746838281.289:543): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.21.73:22-139.178.89.65:41088 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.285291] audit: type=1131 audit(1746838281.304:544): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.21.73:22-139.178.89.65:41072 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:51:22 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 143.264727] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 143.266544] IPv6: ADDRCONF(NETDEV_CHANGE): cali17857099583: link becomes ready This is ip-172-31-21-73 (Linux x86_64 5.15.181-flatcar) 00:51:25 SSH host key: SHA256:zIsCKXX3qjCFWPwcte8YdMIRnscid/Vd149z6v15meA (RSA) SSH host key: SHA256:tdjkDwLSZ9iTHmzu8ymLt4WAiljxHUw0maU8hvAmxTg (ED25519) SSH host key: SHA256:HGW7akMk3VhEPE0gZUptQyqEBZRHAdZ3ngqFFpgR/0M (ECDSA) eth0: 172.31.21.73 fe80::4ee:9bff:fe7e:3a63 ip-172-31-21-73 login: [ 148.784804] kauditd_printk_skb: 382 callbacks suppressed [ 148.784807] audit: type=1130 audit(1746838288.841:630): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.21.73:22-139.178.89.65:51964 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 149.007777] audit: type=1101 audit(1746838289.064:631): pid=6648 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.012949] audit: type=1103 audit(1746838289.069:632): pid=6648 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.016882] audit: type=1006 audit(1746838289.069:633): pid=6648 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 149.019343] audit: type=1300 audit(1746838289.069:633): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffdd87ac00 a2=3 a3=0 items=0 ppid=1 pid=6648 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 149.024423] audit: type=1327 audit(1746838289.069:633): proctitle=737368643A20636F7265205B707269765D [ 149.039491] audit: type=1105 audit(1746838289.096:634): pid=6648 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.044547] audit: type=1103 audit(1746838289.101:635): pid=6657 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.419448] audit: type=1106 audit(1746838289.476:636): pid=6648 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.426076] audit: type=1104 audit(1746838289.476:637): pid=6648 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.443137] kauditd_printk_skb: 7 callbacks suppressed [ 154.443140] audit: type=1130 audit(1746838294.500:641): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.21.73:22-139.178.89.65:51970 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 154.611796] audit: type=1101 audit(1746838294.668:642): pid=6762 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.620014] audit: type=1103 audit(1746838294.676:643): pid=6762 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.627170] audit: type=1006 audit(1746838294.676:644): pid=6762 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 154.631259] audit: type=1300 audit(1746838294.676:644): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd4396e580 a2=3 a3=0 items=0 ppid=1 pid=6762 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 154.643141] audit: type=1327 audit(1746838294.676:644): proctitle=737368643A20636F7265205B707269765D [ 154.646208] audit: type=1105 audit(1746838294.697:645): pid=6762 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.654082] audit: type=1103 audit(1746838294.699:646): pid=6765 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.863526] audit: type=1106 audit(1746838294.920:647): pid=6762 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.871887] audit: type=1104 audit(1746838294.920:648): pid=6762 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.886160] kauditd_printk_skb: 1 callbacks suppressed [ 159.886162] audit: type=1130 audit(1746838299.943:650): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.21.73:22-139.178.89.65:54924 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 160.095851] audit: type=1101 audit(1746838300.151:651): pid=6866 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.104384] audit: type=1103 audit(1746838300.160:652): pid=6866 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.112081] audit: type=1006 audit(1746838300.160:653): pid=6866 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 160.116675] audit: type=1300 audit(1746838300.160:653): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd590b1d30 a2=3 a3=0 items=0 ppid=1 pid=6866 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 160.125613] audit: type=1327 audit(1746838300.160:653): proctitle=737368643A20636F7265205B707269765D [ 160.141631] audit: type=1105 audit(1746838300.198:654): pid=6866 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.152151] audit: type=1103 audit(1746838300.207:655): pid=6875 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.507600] audit: type=1106 audit(1746838300.564:656): pid=6866 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.515819] audit: type=1104 audit(1746838300.564:657): pid=6866 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 165.533825] kauditd_printk_skb: 1 callbacks suppressed [ 165.533828] audit: type=1130 audit(1746838305.590:659): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.21.73:22-139.178.89.65:54930 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 165.711384] audit: type=1101 audit(1746838305.768:660): pid=6995 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 165.719110] audit: type=1103 audit(1746838305.775:661): pid=6995 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 165.729018] audit: type=1006 audit(1746838305.776:662): pid=6995 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 165.735736] audit: type=1300 audit(1746838305.776:662): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffef8d8d810 a2=3 a3=0 items=0 ppid=1 pid=6995 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 165.751024] audit: type=1327 audit(1746838305.776:662): proctitle=737368643A20636F7265205B707269765D [ 165.755896] audit: type=1105 audit(1746838305.790:663): pid=6995 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 165.763760] audit: type=1103 audit(1746838305.791:664): pid=6999 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.064185] audit: type=1106 audit(1746838306.120:665): pid=6995 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.073411] audit: type=1104 audit(1746838306.121:666): pid=6995 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.088218] kauditd_printk_skb: 1 callbacks suppressed [ 171.088220] audit: type=1130 audit(1746838311.144:668): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.21.73:22-139.178.89.65:42636 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 171.269823] audit: type=1101 audit(1746838311.326:669): pid=7096 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.277912] audit: type=1103 audit(1746838311.334:670): pid=7096 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.284448] audit: type=1006 audit(1746838311.334:671): pid=7096 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 171.288453] audit: type=1300 audit(1746838311.334:671): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcf2c4a9d0 a2=3 a3=0 items=0 ppid=1 pid=7096 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 171.296155] audit: type=1327 audit(1746838311.334:671): proctitle=737368643A20636F7265205B707269765D [ 171.300091] audit: type=1105 audit(1746838311.357:672): pid=7096 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.308084] audit: type=1103 audit(1746838311.364:673): pid=7106 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.798575] audit: type=1106 audit(1746838311.855:674): pid=7096 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.808002] audit: type=1104 audit(1746838311.855:675): pid=7096 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.823447] kauditd_printk_skb: 1 callbacks suppressed [ 176.823450] audit: type=1130 audit(1746838316.880:677): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.21.73:22-139.178.89.65:47904 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 177.046089] audit: type=1101 audit(1746838317.103:678): pid=7469 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.054635] audit: type=1103 audit(1746838317.111:679): pid=7469 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.061057] audit: type=1006 audit(1746838317.111:680): pid=7469 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 177.065139] audit: type=1300 audit(1746838317.111:680): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc4f5d28c0 a2=3 a3=0 items=0 ppid=1 pid=7469 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 177.072584] audit: type=1327 audit(1746838317.111:680): proctitle=737368643A20636F7265205B707269765D [ 177.085685] audit: type=1105 audit(1746838317.140:681): pid=7469 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.093595] audit: type=1103 audit(1746838317.142:682): pid=7472 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.621811] audit: type=1400 audit(1746838317.678:683): avc: denied { write } for pid=7537 comm="tee" name="fd" dev="proc" ino=37860 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 177.627631] audit: type=1300 audit(1746838317.678:683): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffd20b17a0a a2=241 a3=1b6 items=1 ppid=7489 pid=7537 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.093884] kauditd_printk_skb: 515 callbacks suppressed [ 183.093888] audit: type=1130 audit(1746838323.150:785): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.21.73:22-139.178.89.65:47916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 183.332949] audit: type=1101 audit(1746838323.389:786): pid=7833 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.341979] audit: type=1103 audit(1746838323.398:787): pid=7833 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.348993] audit: type=1006 audit(1746838323.398:788): pid=7833 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 183.353783] audit: type=1300 audit(1746838323.398:788): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc00a50300 a2=3 a3=0 items=0 ppid=1 pid=7833 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.361980] audit: type=1327 audit(1746838323.398:788): proctitle=737368643A20636F7265205B707269765D [ 183.373197] audit: type=1105 audit(1746838323.430:789): pid=7833 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.382649] audit: type=1103 audit(1746838323.432:790): pid=7836 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.963696] audit: type=1106 audit(1746838324.020:791): pid=7833 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.973194] audit: type=1104 audit(1746838324.020:792): pid=7833 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.731110] kauditd_printk_skb: 1 callbacks suppressed [ 194.731113] audit: type=1400 audit(1746838334.788:794): avc: denied { bpf } for pid=7916 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.741126] audit: type=1400 audit(1746838334.788:794): avc: denied { bpf } for pid=7916 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.749125] audit: type=1400 audit(1746838334.788:794): avc: denied { perfmon } for pid=7916 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.756710] audit: type=1400 audit(1746838334.788:794): avc: denied { perfmon } for pid=7916 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.765282] audit: type=1400 audit(1746838334.788:794): avc: denied { perfmon } for pid=7916 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.773102] audit: type=1400 audit(1746838334.788:794): avc: denied { perfmon } for pid=7916 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.781794] audit: type=1400 audit(1746838334.788:794): avc: denied { perfmon } for pid=7916 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.794378] audit: type=1400 audit(1746838334.788:794): avc: denied { bpf } for pid=7916 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.804186] audit: type=1400 audit(1746838334.788:794): avc: denied { bpf } for pid=7916 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 194.813095] audit: type=1334 audit(1746838334.788:794): prog-id=61 op=LOAD