Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- type=USER_AUTH msg=audit(1494868813.971:543982): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=USER_ACCT msg=audit(1494868813.987:543983): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868813.987:543984): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=18330 suid=74 rport=8417 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=? res=success'
- type=USER_AUTH msg=audit(1494868813.989:543985): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="sbuehler" exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=ssh res=success'
- type=CRED_ACQ msg=audit(1494868813.992:543986): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=LOGIN msg=audit(1494868813.993:543987): pid=18329 uid=0 old-auid=4294967295 auid=16608 old-ses=4294967295 ses=29780 res=1
- type=CRYPTO_KEY_USER msg=audit(1494868919.505:543988): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868919.505:543989): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868919.506:543990): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494868919.534:543991): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494868919.534:543992): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- //////
- type=USER_AUTH msg=audit(1494868813.971:543982): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=USER_ACCT msg=audit(1494868813.987:543983): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868813.987:543984): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=18330 suid=74 rport=8417 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=? res=success'
- type=USER_AUTH msg=audit(1494868813.989:543985): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="sbuehler" exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=ssh res=success'
- type=CRED_ACQ msg=audit(1494868813.992:543986): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
- type=LOGIN msg=audit(1494868813.993:543987): pid=18329 uid=0 old-auid=4294967295 auid=16608 old-ses=4294967295 ses=29780 res=1
- type=CRYPTO_KEY_USER msg=audit(1494868919.505:543988): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868919.505:543989): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494868919.506:543990): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494868919.534:543991): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494868919.534:543992): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
- /////
- type=USER_AUTH msg=audit(1494622574.217:527041): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
- type=USER_ACCT msg=audit(1494622574.230:527042): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.231:527043): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=16802 suid=74 rport=51015 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=USER_AUTH msg=audit(1494622574.234:527044): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="egrau" exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=ssh res=success'
- type=CRED_ACQ msg=audit(1494622574.236:527045): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
- type=LOGIN msg=audit(1494622574.236:527046): pid=16801 uid=0 old-auid=4294967295 auid=5728 old-ses=4294967295 ses=28881 res=1
- type=USER_START msg=audit(1494622574.346:527047): pid=16801 uid=0 auid=5728 ses=28881 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_sss,pam_lastlog acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.348:527048): pid=16801 uid=0 auid=5728 ses=28881 msg='op=destroy kind=session fp=? direction=both spid=16801 suid=0 rport=51015 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.348:527049): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.349:527050): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.349:527051): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=CRED_ACQ msg=audit(1494622574.350:527052): pid=16810 uid=0 auid=5728 ses=28881 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
- type=USER_LOGIN msg=audit(1494622574.646:527053): pid=16801 uid=0 auid=5728 ses=28881 msg='op=login id=5728 exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=/dev/pts/0 res=success'
- type=USER_START msg=audit(1494622574.646:527054): pid=16801 uid=0 auid=5728 ses=28881 msg='op=login id=5728 exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=/dev/pts/0 res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622574.658:527055): pid=16801 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16811 suid=5728 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622576.862:527056): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622576.862:527057): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622576.862:527058): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494622577.124:527059): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes128-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_SESSION msg=audit(1494622577.124:527060): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes128-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622579.059:527061): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16849 suid=74 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622579.059:527062): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622579.059:527063): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622579.061:527064): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
- type=CRYPTO_KEY_USER msg=audit(1494622579.061:527065): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement