(unknown :0 :0 Tues Jul 4 06:51 - 06:51 (00:00) #

1. (unknown :0 :0 Tues Jul 4 06:51 - 06:51 (00:00)
2.  
3. # grep --color=auto -A 10 -B 10 "unknown|Unknown" auth.log.*
4.  
5. auth.log.1-Jul 4 06:51:41 magic gdm-launch-environment]: pam_unix(gdm-launch-environment:session): session opened for user Debian-gdm by (uid=0)
6. auth.log.1-Jul 4 06:51:41 magic systemd-logind[3291]: New session c1 of user Debian-gdm.
7. auth.log.1-Jul 4 06:51:41 magic systemd: pam_unix(systemd-user:session): session opened for user Debian-gdm by (uid=0)
8. auth.log.1-Jul 4 06:51:42 magic CRON[3329]: pam_unix(cron:session): session closed for user logcheck
9. auth.log.1-Jul 4 06:51:42 magic polkitd(authority=local): Registered Authentication Agent for unix-session:c1 (system bus name :1.21 [gnome-shell --mode=gdm], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
10. auth.log.1-Jul 4 06:51:52 magic gdm-password]: pam_unix(gdm-password:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=user
11. auth.log.1:Jul 4 06:52:03 magic gdm-password]: pam_unix(gdm-password:session): session opened for user user by (unknown)(uid=0)
12. auth.log.1-Jul 4 06:52:03 magic systemd-logind[3291]: New session 3 of user user.
13. auth.log.1-Jul 4 06:52:03 magic systemd: pam_unix(systemd-user:session): session opened for user user by (uid=0)
14. auth.log.1-Jul 4 06:52:03 magic polkitd(authority=local): Unregistered Authentication Agent for unix-session:c1 (system bus name :1.21, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
15. auth.log.1-Jul 4 06:52:04 magic polkitd(authority=local): Registered Authentication Agent for unix-session:3 (system bus name :1.47 [/usr/bin/gnome-shell], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.utf8)
16. auth.log.1-Jul 4 06:55:58 magic gnome-keyring-daemon[5159]: couldn't allocate secure memory to keep passwords and or keys from being written to the disk
17.  
18. Port 222
19. ListenAddress 127.127.127.127:222
20. Protocol 2
21. HostKey /etc/ssh/ssh_host_rsa_key
22. HostKey /etc/ssh/ssh_host_ed25519_key
23. # Insecure ancient DSA
24. #HostKey /etc/ssh/ssh_host_dsa_key
25. # Not certain whether we ought to trust elliptic curve or NIST
26. #HostKey /etc/ssh/ssh_host_ecdsa_key
27. UsePrivilegeSeparation yes
28. # Lifetime and size of ephemeral version 1 server key
29. KeyRegenerationInterval 3600
30. ServerKeyBits 4096
31. SyslogFacility AUTH
32. LogLevel INFO
33. LoginGraceTime 90
34. PermitRootLogin no
35. StrictModes yes
36. # Never use this deprecated crap
37. RSAAuthentication no
38. PubkeyAuthentication yes
39. # lock down to this group
40. AllowGroups ssh-users
41. AuthorizedKeysFile %h/.ssh/authorized_keys
42. IgnoreRhosts yes
43. RhostsRSAAuthentication no
44. # similar for protocol version 2
45. HostbasedAuthentication no
46. # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
47. #IgnoreUserKnownHosts yes
48. # To enable empty passwords, change to yes (NOT RECOMMENDED)
49. PermitEmptyPasswords no
50. ChallengeResponseAuthentication no
51. PasswordAuthentication no
52. X11Forwarding no
53. X11DisplayOffset 10
54. PrintMotd no
55. PrintLastLog yes
56. TCPKeepAlive yes
57. AcceptEnv LANG LC_*
58. # extra logging info for sftp
59. Subsystem sftp /usr/lib/openssh/sftp-server -f auth -l info
60. UsePAM yes
61. # hardened ciphering
62. MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
63. KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
64. Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr