6 a0=3 a1=7fffc8346bc0 a2=420 a3=0 items=0 ppid=1 pid=2198 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:kernel_t:s0 key=(null) [ 25.154529] audit: type=1327 audit(1719332388.923:151): proctitle=2F7362696E2F617564697463746C002D44 [ 25.156419] audit: type=1131 audit(1719332388.930:152): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 25.212909] audit: type=1130 audit(1719332388.990:153): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 25.215032] audit: type=1106 audit(1719332388.991:154): pid=2194 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 25.217994] audit: type=1104 audit(1719332388.991:155): pid=2194 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 25.241960] audit: type=1106 audit(1719332389.020:156): pid=2190 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 25.248437] audit: type=1104 audit(1719332389.020:157): pid=2190 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 25.251755] audit: type=1131 audit(1719332389.024:158): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.30.52:22-139.178.89.65:36772 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.404176] Initializing XFRM netlink socket This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:19:52 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 39.330375] kauditd_printk_skb: 88 callbacks suppressed [ 39.330378] audit: type=1130 audit(1719332403.158:197): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 39.343720] audit: type=1131 audit(1719332403.158:198): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 40.259635] audit: type=1130 audit(1719332404.088:199): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 40.416658] audit: type=1131 audit(1719332404.245:200): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 45.049410] audit: type=1131 audit(1719332408.881:201): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.664239] audit: type=1130 audit(1719332414.496:202): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.666401] audit: type=1131 audit(1719332414.496:203): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 51.036570] audit: type=1130 audit(1719332414.871:204): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 51.055724] audit: type=1131 audit(1719332414.890:205): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 51.494389] audit: type=1130 audit(1719332415.328:206): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 51.821299] audit: type=1130 audit(1719332415.653:207): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 52.647927] audit: type=1325 audit(1719332416.482:208): table=mangle:26 family=2 entries=2 op=nft_register_chain pid=2731 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 52.649458] audit: type=1300 audit(1719332416.482:208): arch=c000003e syscall=46 success=yes exit=136 a0=3 a1=7ffcae9bc020 a2=0 a3=7f5cc05ace90 items=0 ppid=2721 pid=2731 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 52.664857] audit: type=1327 audit(1719332416.482:208): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D49505441424C45532D48494E54002D74006D616E676C65 [ 52.678958] audit: type=1325 audit(1719332416.513:209): table=filter:27 family=2 entries=1 op=nft_register_chain pid=2732 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 60.138187] BTRFS warning: duplicate device /dev/nvme0n1p3 devid 1 generation 33 scanned by (udev-worker) (3015) [ 60.416164] BTRFS warning: duplicate device /dev/nvme0n1p3 devid 1 generation 33 scanned by (udev-worker) (3015) [ 60.617724] BTRFS warning: duplicate device /dev/nvme0n1p3 devid 1 generation 33 scanned by (udev-worker) (3015) [ 62.039069] kauditd_printk_skb: 32 callbacks suppressed [ 62.039072] audit: type=1131 audit(1719332425.875:220): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 62.376981] audit: type=1130 audit(1719332426.211:221): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 69.212287] audit: type=1106 audit(1719332433.049:222): pid=2227 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 69.215903] audit: type=1104 audit(1719332433.049:223): pid=2227 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 69.244314] audit: type=1106 audit(1719332433.081:224): pid=2223 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 69.251036] audit: type=1104 audit(1719332433.082:225): pid=2223 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 69.256617] audit: type=1131 audit(1719332433.094:226): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.30.52:22-139.178.89.65:36782 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 75.497075] audit: type=1325 audit(1719332439.336:227): table=mangle:38 family=2 entries=1 op=nft_register_chain pid=3576 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 75.498593] audit: type=1300 audit(1719332439.336:227): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffef9253ef0 a2=0 a3=7ffef9253edc items=0 ppid=3494 pid=3576 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 75.503369] audit: type=1327 audit(1719332439.336:227): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 75.505397] audit: type=1325 audit(1719332439.341:228): table=nat:39 family=2 entries=1 op=nft_register_chain pid=3577 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 75.511634] audit: type=1300 audit(1719332439.341:228): arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffd0c8f29f0 a2=0 a3=7ffd0c8f29dc items=0 ppid=3494 pid=3577 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 75.516199] audit: type=1327 audit(1719332439.341:228): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 75.527625] audit: type=1325 audit(1719332439.365:229): table=filter:40 family=2 entries=1 op=nft_register_chain pid=3578 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 75.534626] audit: type=1300 audit(1719332439.365:229): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffe4b5d8e40 a2=0 a3=7ffe4b5d8e2c items=0 ppid=3494 pid=3578 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 75.539105] audit: type=1327 audit(1719332439.365:229): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 [ 75.548803] audit: type=1325 audit(1719332439.365:230): table=mangle:41 family=10 entries=1 op=nft_register_chain pid=3579 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 80.701644] kauditd_printk_skb: 143 callbacks suppressed [ 80.701647] audit: type=1325 audit(1719332444.540:278): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3721 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.703930] audit: type=1300 audit(1719332444.540:278): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffc8adeb500 a2=0 a3=7ffc8adeb4ec items=0 ppid=3494 pid=3721 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.707473] audit: type=1327 audit(1719332444.540:278): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.711764] audit: type=1325 audit(1719332444.541:279): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3721 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.713773] audit: type=1300 audit(1719332444.541:279): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffc8adeb500 a2=0 a3=0 items=0 ppid=3494 pid=3721 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.718036] audit: type=1327 audit(1719332444.541:279): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.723774] audit: type=1325 audit(1719332444.562:280): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3723 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.725556] audit: type=1300 audit(1719332444.562:280): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffd4a099cc0 a2=0 a3=7ffd4a099cac items=0 ppid=3494 pid=3723 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.728748] audit: type=1327 audit(1719332444.562:280): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.731674] audit: type=1325 audit(1719332444.563:281): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3723 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 88.153882] kauditd_printk_skb: 8 callbacks suppressed [ 88.153885] audit: type=1325 audit(1719332451.992:284): table=filter:95 family=2 entries=15 op=nft_register_rule pid=4094 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 88.156754] audit: type=1300 audit(1719332451.992:284): arch=c000003e syscall=46 success=yes exit=5164 a0=3 a1=7ffde8a30130 a2=0 a3=7ffde8a3011c items=0 ppid=3494 pid=4094 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 88.160091] audit: type=1327 audit(1719332451.992:284): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 88.161798] audit: type=1325 audit(1719332451.994:285): table=nat:96 family=2 entries=19 op=nft_register_chain pid=4094 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 88.163731] audit: type=1300 audit(1719332451.994:285): arch=c000003e syscall=46 success=yes exit=6276 a0=3 a1=7ffde8a30130 a2=0 a3=7ffde8a3011c items=0 ppid=3494 pid=4094 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 88.168658] audit: type=1327 audit(1719332451.994:285): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 103.147800] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 103.148943] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 105.327180] audit: type=1400 audit(1719332469.167:286): avc: denied { write } for pid=4571 comm="tee" name="fd" dev="proc" ino=26902 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 105.330252] audit: type=1300 audit(1719332469.167:286): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffc989d0a22 a2=241 a3=1b6 items=1 ppid=4526 pid=4571 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.334386] audit: type=1307 audit(1719332469.167:286): cwd="/etc/service/enabled/felix/log" [ 105.336221] audit: type=1302 audit(1719332469.167:286): item=0 name="/dev/fd/63" inode=26852 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 105.346012] audit: type=1327 audit(1719332469.167:286): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 105.361136] audit: type=1400 audit(1719332469.199:287): avc: denied { write } for pid=4574 comm="tee" name="fd" dev="proc" ino=26544 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 105.363764] audit: type=1300 audit(1719332469.199:287): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7fffb23e9a22 a2=241 a3=1b6 items=1 ppid=4524 pid=4574 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.368541] audit: type=1307 audit(1719332469.199:287): cwd="/etc/service/enabled/confd/log" [ 105.370253] audit: type=1302 audit(1719332469.199:287): item=0 name="/dev/fd/63" inode=26853 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 105.374435] audit: type=1327 audit(1719332469.199:287): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 106.990642] IPv6: ADDRCONF(NETDEV_CHANGE): cali19077955ae1: link becomes ready This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:11 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 108.212773] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 108.213893] IPv6: ADDRCONF(NETDEV_CHANGE): cali5f4045df68b: link becomes ready This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:12 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:13 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 110.470185] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 110.471012] IPv6: ADDRCONF(NETDEV_CHANGE): cali7ae64f11034: link becomes ready [ 110.539893] kauditd_printk_skb: 59 callbacks suppressed [ 110.539896] audit: type=1325 audit(1719332474.379:307): table=filter:103 family=2 entries=42 op=nft_register_chain pid=5023 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 110.542797] audit: type=1300 audit(1719332474.379:307): arch=c000003e syscall=46 success=yes exit=21524 a0=3 a1=7ffca4a23c40 a2=0 a3=7ffca4a23c2c items=0 ppid=4531 pid=5023 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 110.547064] audit: type=1327 audit(1719332474.379:307): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:15 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 111.547860] audit: type=1325 audit(1719332475.376:308): table=filter:104 family=2 entries=14 op=nft_register_rule pid=5156 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.547866] audit: type=1300 audit(1719332475.376:308): arch=c000003e syscall=46 success=yes exit=5164 a0=3 a1=7ffe41dcbf10 a2=0 a3=7ffe41dcbefc items=0 ppid=3494 pid=5156 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.547870] audit: type=1327 audit(1719332475.376:308): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.548405] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 111.548444] IPv6: ADDRCONF(NETDEV_CHANGE): califd4a57b34d3: link becomes ready [ 111.621049] audit: type=1325 audit(1719332475.378:309): table=nat:105 family=2 entries=14 op=nft_register_rule pid=5156 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.671199] audit: type=1300 audit(1719332475.378:309): arch=c000003e syscall=46 success=yes exit=3468 a0=3 a1=7ffe41dcbf10 a2=0 a3=0 items=0 ppid=3494 pid=5156 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.678331] audit: type=1327 audit(1719332475.378:309): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.971204] audit: type=1325 audit(1719332475.810:310): table=filter:106 family=2 entries=38 op=nft_register_chain pid=5199 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:16 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:21:18 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 119.303632] kauditd_printk_skb: 31 callbacks suppressed [ 119.303651] audit: type=1130 audit(1719332483.144:326): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.30.52:22-139.178.89.65:54560 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 119.538569] audit: type=1101 audit(1719332483.379:327): pid=5398 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 119.544493] audit: type=1103 audit(1719332483.384:328): pid=5398 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 119.548606] audit: type=1006 audit(1719332483.384:329): pid=5398 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 119.551752] audit: type=1300 audit(1719332483.384:329): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffc25d4c40 a2=3 a3=7f17bc1d1480 items=0 ppid=1 pid=5398 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 119.555121] audit: type=1327 audit(1719332483.384:329): proctitle=737368643A20636F7265205B707269765D [ 119.587634] audit: type=1105 audit(1719332483.428:330): pid=5398 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 119.593331] audit: type=1103 audit(1719332483.434:331): pid=5401 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 120.242325] audit: type=1106 audit(1719332484.082:332): pid=5398 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 120.247150] audit: type=1104 audit(1719332484.087:333): pid=5398 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.268068] kauditd_printk_skb: 1 callbacks suppressed [ 125.268071] audit: type=1130 audit(1719332489.108:335): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.30.52:22-139.178.89.65:35842 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 125.481221] audit: type=1101 audit(1719332489.322:336): pid=5637 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.484930] audit: type=1103 audit(1719332489.323:337): pid=5637 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.488824] audit: type=1006 audit(1719332489.324:338): pid=5637 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 125.498195] audit: type=1300 audit(1719332489.324:338): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff47012460 a2=3 a3=7f6e55871480 items=0 ppid=1 pid=5637 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 125.506236] audit: type=1327 audit(1719332489.324:338): proctitle=737368643A20636F7265205B707269765D [ 125.530068] audit: type=1105 audit(1719332489.371:339): pid=5637 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.536197] audit: type=1103 audit(1719332489.377:340): pid=5640 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.777273] audit: type=1106 audit(1719332489.618:341): pid=5637 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 125.791761] audit: type=1104 audit(1719332489.632:342): pid=5637 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.801221] kauditd_printk_skb: 1 callbacks suppressed [ 130.801225] audit: type=1130 audit(1719332494.642:344): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.30.52:22-139.178.89.65:35850 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 130.957595] audit: type=1101 audit(1719332494.799:345): pid=5661 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.960737] audit: type=1103 audit(1719332494.801:346): pid=5661 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.963260] audit: type=1006 audit(1719332494.801:347): pid=5661 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 130.965289] audit: type=1300 audit(1719332494.801:347): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff79d2e0f0 a2=3 a3=7f53794b9480 items=0 ppid=1 pid=5661 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 130.969116] audit: type=1327 audit(1719332494.801:347): proctitle=737368643A20636F7265205B707269765D [ 130.996889] audit: type=1105 audit(1719332494.838:348): pid=5661 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.002039] audit: type=1103 audit(1719332494.843:349): pid=5664 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.235710] audit: type=1106 audit(1719332495.077:350): pid=5661 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 131.238959] audit: type=1104 audit(1719332495.078:351): pid=5661 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 137.790128] kauditd_printk_skb: 23 callbacks suppressed [ 137.790131] audit: type=1130 audit(1719332501.630:371): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.30.52:22-139.178.89.65:59574 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 137.981242] audit: type=1101 audit(1719332501.823:372): pid=5725 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 137.988733] audit: type=1103 audit(1719332501.830:373): pid=5725 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 137.996640] audit: type=1006 audit(1719332501.830:374): pid=5725 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 138.003754] audit: type=1300 audit(1719332501.830:374): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe405ea580 a2=3 a3=7ff6c7ea6480 items=0 ppid=1 pid=5725 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.012421] audit: type=1327 audit(1719332501.830:374): proctitle=737368643A20636F7265205B707269765D [ 138.041051] audit: type=1105 audit(1719332501.882:375): pid=5725 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.046992] audit: type=1103 audit(1719332501.888:376): pid=5735 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.371567] audit: type=1106 audit(1719332502.213:377): pid=5725 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.374596] audit: type=1104 audit(1719332502.213:378): pid=5725 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.399678] kauditd_printk_skb: 1 callbacks suppressed [ 143.399681] audit: type=1130 audit(1719332507.241:380): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.30.52:22-139.178.89.65:55436 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 143.556056] audit: type=1101 audit(1719332507.398:381): pid=5747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.562810] audit: type=1103 audit(1719332507.402:382): pid=5747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.565826] audit: type=1006 audit(1719332507.402:383): pid=5747 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 143.568088] audit: type=1300 audit(1719332507.402:383): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe90506940 a2=3 a3=7f52c34f7480 items=0 ppid=1 pid=5747 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.571752] audit: type=1327 audit(1719332507.402:383): proctitle=737368643A20636F7265205B707269765D [ 143.617866] audit: type=1105 audit(1719332507.460:384): pid=5747 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.623791] audit: type=1103 audit(1719332507.465:385): pid=5750 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.958312] audit: type=1106 audit(1719332507.800:386): pid=5747 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.962253] audit: type=1104 audit(1719332507.801:387): pid=5747 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.985840] kauditd_printk_skb: 1 callbacks suppressed [ 148.985843] audit: type=1130 audit(1719332512.828:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.30.52:22-139.178.89.65:55440 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 149.166486] audit: type=1101 audit(1719332513.008:390): pid=5771 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.170488] audit: type=1103 audit(1719332513.008:391): pid=5771 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.174942] audit: type=1006 audit(1719332513.008:392): pid=5771 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 149.176734] audit: type=1300 audit(1719332513.008:392): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff06589d10 a2=3 a3=7f97cd30f480 items=0 ppid=1 pid=5771 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 149.179769] audit: type=1327 audit(1719332513.008:392): proctitle=737368643A20636F7265205B707269765D [ 149.202585] audit: type=1105 audit(1719332513.045:393): pid=5771 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.205805] audit: type=1103 audit(1719332513.045:394): pid=5774 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.682380] audit: type=1106 audit(1719332513.524:395): pid=5771 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.685537] audit: type=1104 audit(1719332513.526:396): pid=5771 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.708202] kauditd_printk_skb: 1 callbacks suppressed [ 154.708205] audit: type=1130 audit(1719332518.550:398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.30.52:22-139.178.89.65:53020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 154.866561] audit: type=1101 audit(1719332518.709:399): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.869252] audit: type=1103 audit(1719332518.709:400): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.871989] audit: type=1006 audit(1719332518.709:401): pid=5805 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 154.873893] audit: type=1300 audit(1719332518.709:401): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff41f8e1b0 a2=3 a3=7fd9071c5480 items=0 ppid=1 pid=5805 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 154.887191] audit: type=1327 audit(1719332518.709:401): proctitle=737368643A20636F7265205B707269765D [ 154.957241] audit: type=1105 audit(1719332518.798:402): pid=5805 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.962622] audit: type=1103 audit(1719332518.804:403): pid=5808 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 155.269430] audit: type=1106 audit(1719332519.112:404): pid=5805 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 155.273014] audit: type=1104 audit(1719332519.115:405): pid=5805 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.109224] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 158.110120] IPv6: ADDRCONF(NETDEV_CHANGE): cali419bc8bb582: link becomes ready [ 159.886370] kauditd_printk_skb: 51 callbacks suppressed [ 159.886372] audit: type=1101 audit(1719332523.729:435): pid=5935 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.889982] audit: type=1103 audit(1719332523.732:436): pid=5935 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.894462] audit: type=1006 audit(1719332523.732:437): pid=5935 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 159.899516] audit: type=1300 audit(1719332523.732:437): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffe9526680 a2=3 a3=7f8e6de79480 items=0 ppid=1 pid=5935 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 159.905757] audit: type=1327 audit(1719332523.732:437): proctitle=737368643A20636F7265205B707269765D [ 159.973344] audit: type=1105 audit(1719332523.816:438): pid=5935 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.984971] audit: type=1103 audit(1719332523.827:439): pid=5939 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' This is ip-172-31-30-52 (Linux x86_64 6.1.95-flatcar) 16:22:04 SSH host key: SHA256:D/PGrfZQ8y4i9ob7k0ckwlWhLxInovB2Y5GJ8UZVcJs (ED25519) SSH host key: SHA256:BwwD2EeYNsqZ0pUA0wNu+F1VqtdprOclPp5Bt1sbdeM (RSA) SSH host key: SHA256:WaXsrNfA0xjQFKACkl6zDyIQSGgKNRissl+vzeve7CQ (ECDSA) eth0: 172.31.30.52 fe80::42d:3dff:fe74:64d ip-172-31-30-52 login: [ 161.847908] audit: type=1106 audit(1719332525.688:440): pid=5935 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.852787] audit: type=1104 audit(1719332525.688:441): pid=5935 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.856240] audit: type=1131 audit(1719332525.693:442): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.30.52:22-139.178.89.65:53054 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 165.106631] kauditd_printk_skb: 23 callbacks suppressed [ 165.106634] audit: type=1325 audit(1719332528.950:456): table=filter:126 family=2 entries=33 op=nft_register_rule pid=6054 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 165.109704] audit: type=1300 audit(1719332528.950:456): arch=c000003e syscall=46 success=yes exit=11860 a0=3 a1=7fff3c628ce0 a2=0 a3=7fff3c628ccc items=0 ppid=3494 pid=6054 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 165.115507] audit: type=1327 audit(1719332528.950:456): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 165.118122] audit: type=1325 audit(1719332528.952:457): table=nat:127 family=2 entries=27 op=nft_register_chain pid=6054 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 165.120131] audit: type=1300 audit(1719332528.952:457): arch=c000003e syscall=46 success=yes exit=9348 a0=3 a1=7fff3c628ce0 a2=0 a3=0 items=0 ppid=3494 pid=6054 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 165.123474] audit: type=1327 audit(1719332528.952:457): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 167.511668] audit: type=1130 audit(1719332531.355:458): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.30.52:22-139.178.89.65:34934 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 167.728276] audit: type=1101 audit(1719332531.571:459): pid=6057 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.731734] audit: type=1103 audit(1719332531.573:460): pid=6057 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.734393] audit: type=1006 audit(1719332531.573:461): pid=6057 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 170.292825] kauditd_printk_skb: 7 callbacks suppressed [ 170.292829] audit: type=1325 audit(1719332534.136:467): table=filter:128 family=2 entries=20 op=nft_register_rule pid=6078 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 170.295683] audit: type=1300 audit(1719332534.136:467): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7ffc8b0076c0 a2=0 a3=7ffc8b0076ac items=0 ppid=3494 pid=6078 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 170.298628] audit: type=1327 audit(1719332534.136:467): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 170.300705] audit: type=1325 audit(1719332534.139:468): table=nat:129 family=2 entries=106 op=nft_register_chain pid=6078 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 170.302185] audit: type=1300 audit(1719332534.139:468): arch=c000003e syscall=46 success=yes exit=49452 a0=3 a1=7ffc8b0076c0 a2=0 a3=7ffc8b0076ac items=0 ppid=3494 pid=6078 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 170.305460] audit: type=1327 audit(1719332534.139:468): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 173.162475] audit: type=1130 audit(1719332537.005:469): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.30.52:22-139.178.89.65:34538 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 173.388471] audit: type=1101 audit(1719332537.231:470): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 173.406235] audit: type=1103 audit(1719332537.250:471): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 173.410533] audit: type=1006 audit(1719332537.250:472): pid=6080 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 178.749526] kauditd_printk_skb: 7 callbacks suppressed [ 178.749528] audit: type=1130 audit(1719332542.593:478): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.30.52:22-139.178.89.65:34548 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 178.951455] audit: type=1101 audit(1719332542.795:479): pid=6095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 178.956497] audit: type=1103 audit(1719332542.795:480): pid=6095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 178.960691] audit: type=1006 audit(1719332542.795:481): pid=6095 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 178.962941] audit: type=1300 audit(1719332542.795:481): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe97117230 a2=3 a3=7fb18ea5b480 items=0 ppid=1 pid=6095 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 178.968165] audit: type=1327 audit(1719332542.795:481): proctitle=737368643A20636F7265205B707269765D [ 178.998712] audit: type=1105 audit(1719332542.842:482): pid=6095 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.004307] audit: type=1103 audit(1719332542.847:483): pid=6098 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.322966] audit: type=1106 audit(1719332543.166:484): pid=6095 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.328835] audit: type=1104 audit(1719332543.166:485): pid=6095 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.357578] kauditd_printk_skb: 1 callbacks suppressed [ 184.357581] audit: type=1130 audit(1719332548.201:487): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.30.52:22-139.178.89.65:36252 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 184.562749] audit: type=1101 audit(1719332548.406:488): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.567699] audit: type=1103 audit(1719332548.409:489): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.571867] audit: type=1006 audit(1719332548.409:490): pid=6131 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 184.577264] audit: type=1300 audit(1719332548.409:490): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe68f107d0 a2=3 a3=7f6e27d3e480 items=0 ppid=1 pid=6131 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 184.580792] audit: type=1327 audit(1719332548.409:490): proctitle=737368643A20636F7265205B707269765D [ 184.595120] audit: type=1105 audit(1719332548.438:491): pid=6131 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.599368] audit: type=1103 audit(1719332548.441:492): pid=6138 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.918826] audit: type=1106 audit(1719332548.762:493): pid=6131 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.927624] audit: type=1104 audit(1719332548.763:494): pid=6131 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.943536] kauditd_printk_skb: 1 callbacks suppressed [ 189.943539] audit: type=1130 audit(1719332553.787:496): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.30.52:22-139.178.89.65:36264 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 190.095576] audit: type=1101 audit(1719332553.939:497): pid=6154 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.098888] audit: type=1103 audit(1719332553.939:498): pid=6154 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.101385] audit: type=1006 audit(1719332553.939:499): pid=6154 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 190.103681] audit: type=1300 audit(1719332553.939:499): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcc8e26c50 a2=3 a3=7f29a61b2480 items=0 ppid=1 pid=6154 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.107634] audit: type=1327 audit(1719332553.939:499): proctitle=737368643A20636F7265205B707269765D [ 190.128638] audit: type=1105 audit(1719332553.971:500): pid=6154 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.133759] audit: type=1103 audit(1719332553.978:501): pid=6157 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.376415] audit: type=1106 audit(1719332554.220:502): pid=6154 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.380744] audit: type=1104 audit(1719332554.220:503): pid=6154 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.404650] kauditd_printk_skb: 1 callbacks suppressed [ 195.404653] audit: type=1130 audit(1719332559.249:505): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.30.52:22-139.178.89.65:43316 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 195.603422] audit: type=1101 audit(1719332559.447:506): pid=6196 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.606353] audit: type=1103 audit(1719332559.448:507): pid=6196 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.609887] audit: type=1006 audit(1719332559.448:508): pid=6196 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 195.611776] audit: type=1300 audit(1719332559.448:508): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc994b1900 a2=3 a3=7f62db44b480 items=0 ppid=1 pid=6196 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 195.614344] audit: type=1327 audit(1719332559.448:508): proctitle=737368643A20636F7265205B707269765D [ 195.643765] audit: type=1105 audit(1719332559.486:509): pid=6196 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.649973] audit: type=1103 audit(1719332559.494:510): pid=6202 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.920300] audit: type=1106 audit(1719332559.764:511): pid=6196 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.927655] audit: type=1104 audit(1719332559.770:512): pid=6196 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 200.950094] kauditd_printk_skb: 1 callbacks suppressed [ 200.950097] audit: type=1130 audit(1719332564.794:514): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.30.52:22-139.178.89.65:43322 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 201.118874] audit: type=1101 audit(1719332564.963:515): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.122551] audit: type=1103 audit(1719332564.967:516): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.124979] audit: type=1006 audit(1719332564.967:517): pid=6229 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 201.126282] audit: type=1300 audit(1719332564.967:517): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff1d0f7d80 a2=3 a3=7f9c16b66480 items=0 ppid=1 pid=6229 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.129785] audit: type=1327 audit(1719332564.967:517): proctitle=737368643A20636F7265205B707269765D [ 201.151186] audit: type=1105 audit(1719332564.994:518): pid=6229 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.154901] audit: type=1103 audit(1719332564.999:519): pid=6232 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.469442] audit: type=1106 audit(1719332565.314:520): pid=6229 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.479520] audit: type=1104 audit(1719332565.314:521): pid=6229 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success'