API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 25th, 2014
33
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 23.52 KB | None | 0 0
raw download clone embed print report
  1. Feb 25 11:53:38 ip-10-53-13-137 sshd[3950]: pam_unix(sshd:session): session closed for user ec2-user
  2. Feb 25 11:53:38 ip-10-53-13-137 sshd[3878]: pam_unix(sshd:session): session closed for user ec2-user
  3. Feb 25 14:32:29 ip-10-53-13-137 sshd[4898]: Accepted publickey for ec2-user from XXXXXXXXXXX port 53614 ssh2
  4. Feb 25 14:32:29 ip-10-53-13-137 sshd[4898]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  5. Feb 25 14:33:55 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/usr/bin/yum vsftpd
  6. Feb 25 14:34:07 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/usr/bin/yum install vsftpd
  7. Feb 25 14:34:33 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/bin/nano /etc/vfstpd.conf
  8. Feb 25 14:35:01 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  9. Feb 25 14:40:05 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  10. Feb 25 14:41:32 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/usr/sbin/groupadd ftpusers
  11. Feb 25 14:41:32 ip-10-53-13-137 groupadd[5076]: group added to /etc/group: name=ftpusers, GID=511
  12. Feb 25 14:41:32 ip-10-53-13-137 groupadd[5076]: group added to /etc/gshadow: name=ftpusers
  13. Feb 25 14:41:32 ip-10-53-13-137 groupadd[5076]: new group: name=ftpusers, GID=511
  14. Feb 25 14:42:34 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/bin/mkdir ftp
  15. Feb 25 14:43:08 ip-10-53-13-137 sudo: ec2-user : TTY=pts/0 ; PWD=/home ; USER=root ; COMMAND=/bin/mkdir ftp/sc_temp
  16. Feb 25 14:45:20 ip-10-53-13-137 sshd[5103]: Accepted publickey for ec2-user from XXXXXXXXXXXXXXX port 28603 ssh2
  17. Feb 25 14:45:20 ip-10-53-13-137 sshd[5103]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  18. Feb 25 14:45:35 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/useradd -d /home/ftp/sc_temp -s /usr/sbin/nologin -g ftpusers sc_temp
  19. Feb 25 14:45:35 ip-10-53-13-137 useradd[5130]: new user: name=sc_temp, UID=510, GID=511, home=/home/ftp/sc_temp, shell=/usr/sbin/nologin
  20. Feb 25 14:47:09 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/bin/passwd sc_temp
  21. Feb 25 14:47:58 ip-10-53-13-137 passwd: pam_unix(passwd:chauthtok): password changed for sc_temp
  22. Feb 25 14:48:51 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chown -R sc_temp /home/ftp/sc_temp
  23. Feb 25 14:48:52 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chmod 775 /home/ftp/sc_temp
  24. Feb 25 14:49:30 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/user_list
  25. Feb 25 14:49:58 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  26. Feb 25 14:50:55 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  27. Feb 25 14:51:25 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  28. Feb 25 14:52:21 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  29. Feb 25 14:52:43 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
  30. Feb 25 14:53:04 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  31. Feb 25 14:54:06 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/bin/passwd sc_temp
  32. Feb 25 14:54:42 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/bin/passwd sc_temp
  33. Feb 25 14:55:45 ip-10-53-13-137 sshd[5103]: pam_unix(sshd:session): session closed for user ec2-user
  34. Feb 25 14:55:49 ip-10-53-13-137 sshd[5235]: Accepted publickey for ec2-user from XXXXXXXXXXX port 36099 ssh2
  35. Feb 25 14:55:49 ip-10-53-13-137 sshd[5235]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  36. Feb 25 14:55:53 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/bin/passwd sc_temp
  37. Feb 25 14:56:09 ip-10-53-13-137 passwd: pam_unix(passwd:chauthtok): password changed for sc_temp
  38. Feb 25 14:56:38 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
  39. Feb 25 14:59:13 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chown -R sc_temp /home/ftp
  40. Feb 25 14:59:13 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chmod 775 /home/ftp
  41. Feb 25 15:01:19 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ftp ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  42. Feb 25 15:01:57 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ftp ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
  43. Feb 25 15:02:56 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ftp ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  44. Feb 25 15:06:10 ip-10-53-13-137 sudo: ec2-user : TTY=pts/1 ; PWD=/home/ftp ; USER=root ; COMMAND=/bin/nano /etc/sysconfig/iptables
  45. Feb 25 15:08:58 ip-10-53-13-137 sshd[5425]: Accepted publickey for ec2-user from XXXXXXXXXXX port 54436 ssh2
  46. Feb 25 15:08:58 ip-10-53-13-137 sshd[5425]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  47. Feb 25 15:09:33 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/sysconfig/iptables-config
  48. Feb 25 15:11:18 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables restart
  49. Feb 25 15:11:29 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/sysconfig/iptables
  50. Feb 25 15:11:39 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables restart
  51. Feb 25 15:11:44 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables restart
  52. Feb 25 15:11:45 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/sysconfig/iptables
  53. Feb 25 15:11:56 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables restart
  54. Feb 25 15:11:57 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/sysconfig/iptables
  55. Feb 25 15:12:01 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables restart
  56. Feb 25 15:12:46 ip-10-53-13-137 sshd[5562]: Accepted publickey for ec2-user from XXXXXXXXXXX port 21870 ssh2
  57. Feb 25 15:12:46 ip-10-53-13-137 sshd[5562]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  58. Feb 25 15:12:46 ip-10-53-13-137 sshd[5564]: subsystem request for sftp
  59. Feb 25 15:14:14 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/useradd -d /home/ftp/sc_temp -s /usr/sbin/nologin -g ftpusers scuser
  60. Feb 25 15:14:14 ip-10-53-13-137 useradd[5579]: new user: name=scuser, UID=511, GID=511, home=/home/ftp/sc_temp, shell=/usr/sbin/nologin
  61. Feb 25 15:14:25 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/useradd -d /home/ftp/scuser -s /usr/sbin/nologin -g ftpusers scuser
  62. Feb 25 15:14:25 ip-10-53-13-137 useradd[5585]: failed adding user 'scuser', data deleted
  63. Feb 25 15:14:41 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/useradd -d /home/ftp/ftpuser -s /usr/sbin/nologin -g ftpusers ftpuser
  64. Feb 25 15:14:41 ip-10-53-13-137 useradd[5587]: new user: name=ftpuser, UID=512, GID=511, home=/home/ftp/ftpuser, shell=/usr/sbin/nologin
  65. Feb 25 15:15:49 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/bin/passwd ftpuser
  66. Feb 25 15:16:28 ip-10-53-13-137 passwd: pam_unix(passwd:chauthtok): password changed for ftpuser
  67. Feb 25 15:16:49 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chown -R ftpuser /home/ftp/ftpuser
  68. Feb 25 15:16:50 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/chmod 775 /home/ftp/ftpuser
  69. Feb 25 15:17:25 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/user_list
  70. Feb 25 15:17:44 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
  71. Feb 25 15:17:47 ip-10-53-13-137 sshd[5562]: pam_unix(sshd:session): session closed for user ec2-user
  72. Feb 25 15:21:12 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service iptables stop
  73. Feb 25 15:28:12 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/user_list
  74. Feb 25 15:28:34 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/vsftpd/vsftpd.conf
  75. Feb 25 15:30:37 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
  76. Feb 25 15:31:37 ip-10-53-13-137 sshd[5892]: Accepted publickey for ec2-user from XXXXXXXXXXX port 11921 ssh2
  77. Feb 25 15:31:37 ip-10-53-13-137 sshd[5892]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  78. Feb 25 15:31:37 ip-10-53-13-137 sshd[5894]: subsystem request for sftp
  79. Feb 25 15:33:35 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/ls -l alex
  80. Feb 25 15:33:45 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/ls -l /home/alex
  81. Feb 25 15:34:06 ip-10-53-13-137 sshd[5915]: Accepted publickey for ec2-user from XXXXXXXXXXX port 33709 ssh2
  82. Feb 25 15:34:06 ip-10-53-13-137 sshd[5915]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  83. Feb 25 15:34:06 ip-10-53-13-137 sshd[5917]: subsystem request for sftp
  84. Feb 25 15:36:58 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  85. Feb 25 15:37:18 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/mkdir /home/ftpuser/.ssh/authorized_keys
  86. Feb 25 15:37:26 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/mkdir /home/ftpuser/.ssh
  87. Feb 25 15:37:53 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/mkdir /home/ftpuser
  88. Feb 25 15:38:38 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/mkdir /home/ftpuser/.ssh
  89. Feb 25 15:38:43 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  90. Feb 25 15:38:49 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  91. Feb 25 15:38:58 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ec2-user/.ssh/authorized_keys
  92. Feb 25 15:39:09 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  93. Feb 25 15:39:18 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  94. Feb 25 15:39:25 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ec2-user/.ssh/authorized_keys
  95. Feb 25 15:39:48 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/cat /home/ec2-user/.ssh/authorized_keys
  96. Feb 25 15:39:57 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  97. Feb 25 15:40:17 ip-10-53-13-137 sshd[5915]: pam_unix(sshd:session): session closed for user ec2-user
  98. Feb 25 15:40:17 ip-10-53-13-137 sshd[6002]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  99. Feb 25 15:40:17 ip-10-53-13-137 sshd[6003]: input_userauth_request: invalid user ftpuser
  100. Feb 25 15:40:17 ip-10-53-13-137 sshd[6003]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  101. Feb 25 15:40:23 ip-10-53-13-137 sshd[6004]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  102. Feb 25 15:40:23 ip-10-53-13-137 sshd[6005]: input_userauth_request: invalid user ftpuser
  103. Feb 25 15:40:23 ip-10-53-13-137 sshd[6005]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  104. Feb 25 15:40:55 ip-10-53-13-137 sshd[6006]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  105. Feb 25 15:40:55 ip-10-53-13-137 sshd[6007]: input_userauth_request: invalid user ftpuser
  106. Feb 25 15:40:55 ip-10-53-13-137 sshd[6007]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  107. Feb 25 15:54:37 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  108. Feb 25 15:54:51 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  109. Feb 25 15:54:59 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  110. Feb 25 15:55:15 ip-10-53-13-137 sshd[5892]: pam_unix(sshd:session): session closed for user ec2-user
  111. Feb 25 15:55:20 ip-10-53-13-137 sshd[6070]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  112. Feb 25 15:55:20 ip-10-53-13-137 sshd[6071]: input_userauth_request: invalid user ftpuser
  113. Feb 25 15:55:20 ip-10-53-13-137 sshd[6071]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  114. Feb 25 15:55:49 ip-10-53-13-137 sshd[6072]: Accepted publickey for ec2-user from XXXXXXXXXXX port 41035 ssh2
  115. Feb 25 15:55:49 ip-10-53-13-137 sshd[6072]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  116. Feb 25 15:55:49 ip-10-53-13-137 sshd[6074]: subsystem request for sftp
  117. Feb 25 15:59:15 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/ssh/sshd_config
  118. Feb 25 15:59:45 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/ssh/sshd_config
  119. Feb 25 16:04:27 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/ssh/sshd_config
  120. Feb 25 16:04:59 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service ssh reload
  121. Feb 25 16:05:05 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service sshd restart
  122. Feb 25 16:05:06 ip-10-53-13-137 sshd[1131]: Received signal 15; terminating.
  123. Feb 25 16:05:06 ip-10-53-13-137 sshd[6205]: Server listening on 0.0.0.0 port 22.
  124. Feb 25 16:05:06 ip-10-53-13-137 sshd[6205]: Server listening on :: port 22.
  125. Feb 25 16:05:19 ip-10-53-13-137 sshd[6208]: Accepted publickey for ec2-user from XXXXXXXXXXX port 27610 ssh2
  126. Feb 25 16:05:19 ip-10-53-13-137 sshd[6208]: pam_unix(sshd:session): session opened for user ec2-user by (uid=0)
  127. Feb 25 16:05:19 ip-10-53-13-137 sshd[6210]: subsystem request for sftp
  128. Feb 25 16:05:25 ip-10-53-13-137 sshd[6208]: pam_unix(sshd:session): session closed for user ec2-user
  129. Feb 25 16:05:25 ip-10-53-13-137 sshd[6222]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  130. Feb 25 16:05:25 ip-10-53-13-137 sshd[6223]: input_userauth_request: invalid user ftpuser
  131. Feb 25 16:05:25 ip-10-53-13-137 sshd[6223]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  132. Feb 25 16:05:31 ip-10-53-13-137 sshd[6224]: User ftpuser not allowed because shell /usr/sbin/nologin does not exist
  133. Feb 25 16:05:31 ip-10-53-13-137 sshd[6225]: input_userauth_request: invalid user ftpuser
  134. Feb 25 16:05:31 ip-10-53-13-137 sshd[6225]: Received disconnect from XXXXXXXXXXX: 14: No supported authentication methods available
  135. Feb 25 16:06:48 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/ssh/ssh_host_rsa_key
  136. Feb 25 16:10:07 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano .ssh/authorized_keys
  137. Feb 25 16:11:31 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano .ssh/authorized_keys
  138. Feb 25 16:11:42 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano .ssh/authorized_keys
  139. Feb 25 16:12:18 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano .ssh/authorized_keys
  140. Feb 25 16:13:03 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /home/ftpuser/.ssh/authorized_keys
  141. Feb 25 16:13:13 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano .ssh/authorized_keys
  142. Feb 25 16:14:51 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/httpd/httpd.conf
  143. Feb 25 16:15:16 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/bin/nano /etc/httpd/conf/httpd.conf
  144. Feb 25 16:16:15 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/apachectl -k graceful
  145. Feb 25 16:18:54 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/usr/sbin/apachectl -k graceful
  146. Feb 25 16:22:25 ip-10-53-13-137 sudo: ec2-user : TTY=pts/2 ; PWD=/home/ec2-user ; USER=root ; COMMAND=/sbin/service vsftpd stop
  147. Feb 25 16:22:28 ip-10-53-13-137 sshd[5425]: pam_unix(sshd:session): session closed for user ec2-user
  148. Feb 25 16:40:40 ip-10-53-13-137 sshd[6473]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  149. Feb 25 16:40:40 ip-10-53-13-137 sshd[6473]: fatal: buffer_get_int: buffer error
  150. Feb 25 16:40:40 ip-10-53-13-137 sshd[6473]: PAM audit_log_acct_message() failed: Operation not permitted
  151. Feb 25 16:40:40 ip-10-53-13-137 sshd[6473]: error: cannot write into audit
  152. Feb 25 16:40:40 ip-10-53-13-137 sshd[6473]: error: cannot write into audit
  153. Feb 25 16:40:40 ip-10-53-13-137 sshd[6474]: fatal: mm_request_send: write: Broken pipe
  154. Feb 25 16:40:52 ip-10-53-13-137 sshd[6475]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  155. Feb 25 16:40:52 ip-10-53-13-137 sshd[6475]: fatal: buffer_get_int: buffer error
  156. Feb 25 16:40:52 ip-10-53-13-137 sshd[6475]: PAM audit_log_acct_message() failed: Operation not permitted
  157. Feb 25 16:40:52 ip-10-53-13-137 sshd[6475]: error: cannot write into audit
  158. Feb 25 16:40:52 ip-10-53-13-137 sshd[6475]: error: cannot write into audit
  159. Feb 25 16:40:52 ip-10-53-13-137 sshd[6476]: fatal: mm_request_send: write: Broken pipe
  160. Feb 25 16:41:04 ip-10-53-13-137 sshd[6477]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  161. Feb 25 16:41:04 ip-10-53-13-137 sshd[6477]: fatal: buffer_get_int: buffer error
  162. Feb 25 16:41:04 ip-10-53-13-137 sshd[6477]: PAM audit_log_acct_message() failed: Operation not permitted
  163. Feb 25 16:41:04 ip-10-53-13-137 sshd[6477]: error: cannot write into audit
  164. Feb 25 16:41:04 ip-10-53-13-137 sshd[6477]: error: cannot write into audit
  165. Feb 25 16:41:04 ip-10-53-13-137 sshd[6478]: fatal: mm_request_send: write: Broken pipe
  166. Feb 25 16:41:16 ip-10-53-13-137 sshd[6479]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  167. Feb 25 16:41:16 ip-10-53-13-137 sshd[6479]: fatal: buffer_get_int: buffer error
  168. Feb 25 16:41:16 ip-10-53-13-137 sshd[6479]: PAM audit_log_acct_message() failed: Operation not permitted
  169. Feb 25 16:41:16 ip-10-53-13-137 sshd[6479]: error: cannot write into audit
  170. Feb 25 16:41:16 ip-10-53-13-137 sshd[6479]: error: cannot write into audit
  171. Feb 25 16:41:16 ip-10-53-13-137 sshd[6480]: fatal: mm_request_send: write: Broken pipe
  172. Feb 25 16:41:27 ip-10-53-13-137 sshd[6482]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  173. Feb 25 16:41:27 ip-10-53-13-137 sshd[6482]: fatal: buffer_get_int: buffer error
  174. Feb 25 16:41:27 ip-10-53-13-137 sshd[6482]: PAM audit_log_acct_message() failed: Operation not permitted
  175. Feb 25 16:41:27 ip-10-53-13-137 sshd[6482]: error: cannot write into audit
  176. Feb 25 16:41:27 ip-10-53-13-137 sshd[6482]: error: cannot write into audit
  177. Feb 25 16:41:27 ip-10-53-13-137 sshd[6483]: fatal: mm_request_send: write: Broken pipe
  178. Feb 25 16:41:39 ip-10-53-13-137 sshd[6484]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  179. Feb 25 16:41:39 ip-10-53-13-137 sshd[6484]: fatal: buffer_get_int: buffer error
  180. Feb 25 16:41:39 ip-10-53-13-137 sshd[6484]: PAM audit_log_acct_message() failed: Operation not permitted
  181. Feb 25 16:41:39 ip-10-53-13-137 sshd[6484]: error: cannot write into audit
  182. Feb 25 16:41:39 ip-10-53-13-137 sshd[6484]: error: cannot write into audit
  183. Feb 25 16:41:39 ip-10-53-13-137 sshd[6485]: fatal: mm_request_send: write: Broken pipe
  184. Feb 25 16:41:50 ip-10-53-13-137 sshd[6486]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  185. Feb 25 16:41:50 ip-10-53-13-137 sshd[6486]: fatal: buffer_get_int: buffer error
  186. Feb 25 16:41:50 ip-10-53-13-137 sshd[6486]: PAM audit_log_acct_message() failed: Operation not permitted
  187. Feb 25 16:41:50 ip-10-53-13-137 sshd[6486]: error: cannot write into audit
  188. Feb 25 16:41:50 ip-10-53-13-137 sshd[6486]: error: cannot write into audit
  189. Feb 25 16:41:50 ip-10-53-13-137 sshd[6487]: fatal: mm_request_send: write: Broken pipe
  190. Feb 25 16:42:02 ip-10-53-13-137 sshd[6488]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  191. Feb 25 16:42:02 ip-10-53-13-137 sshd[6488]: fatal: buffer_get_int: buffer error
  192. Feb 25 16:42:02 ip-10-53-13-137 sshd[6488]: PAM audit_log_acct_message() failed: Operation not permitted
  193. Feb 25 16:42:02 ip-10-53-13-137 sshd[6488]: error: cannot write into audit
  194. Feb 25 16:42:02 ip-10-53-13-137 sshd[6488]: error: cannot write into audit
  195. Feb 25 16:42:02 ip-10-53-13-137 sshd[6489]: fatal: mm_request_send: write: Broken pipe
  196. Feb 25 16:42:14 ip-10-53-13-137 sshd[6490]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  197. Feb 25 16:42:14 ip-10-53-13-137 sshd[6490]: fatal: buffer_get_int: buffer error
  198. Feb 25 16:42:14 ip-10-53-13-137 sshd[6490]: PAM audit_log_acct_message() failed: Operation not permitted
  199. Feb 25 16:42:14 ip-10-53-13-137 sshd[6490]: error: cannot write into audit
  200. Feb 25 16:42:14 ip-10-53-13-137 sshd[6490]: error: cannot write into audit
  201. Feb 25 16:42:14 ip-10-53-13-137 sshd[6491]: fatal: mm_request_send: write: Broken pipe
  202. Feb 25 16:42:26 ip-10-53-13-137 sshd[6493]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  203. Feb 25 16:42:26 ip-10-53-13-137 sshd[6493]: fatal: buffer_get_int: buffer error
  204. Feb 25 16:42:26 ip-10-53-13-137 sshd[6493]: PAM audit_log_acct_message() failed: Operation not permitted
  205. Feb 25 16:42:26 ip-10-53-13-137 sshd[6493]: error: cannot write into audit
  206. Feb 25 16:42:26 ip-10-53-13-137 sshd[6493]: error: cannot write into audit
  207. Feb 25 16:42:26 ip-10-53-13-137 sshd[6494]: fatal: mm_request_send: write: Broken pipe
  208. Feb 25 16:42:38 ip-10-53-13-137 sshd[6495]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0
  209. Feb 25 16:42:38 ip-10-53-13-137 sshd[6495]: fatal: buffer_get_int: buffer error
  210. Feb 25 16:42:38 ip-10-53-13-137 sshd[6495]: PAM audit_log_acct_message() failed: Operation not permitted
  211. Feb 25 16:42:38 ip-10-53-13-137 sshd[6495]: error: cannot write into audit
  212. Feb 25 16:42:38 ip-10-53-13-137 sshd[6495]: error: cannot write into audit
  213. Feb 25 16:42:38 ip-10-53-13-137 sshd[6496]: fatal: mm_request_send: write: Broken pipe
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!