Advertisement
Guest User

Untitled

a guest
May 12th, 2019
116
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.16 KB | None | 0 0
  1. # tail -f /var/log/auth.log May 12 06:03:11 raspberrypi sshd[15921]: Accepted password for syd from 68.224.171.98 port 39072 ssh2 May 12 06:03:11 raspberrypi sshd[15921]: pam_unix(sshd:session): session opened for user syd by (uid=0) May 12 06:03:11 raspberrypi systemd-logind[351]: New session c29 of user syd. May 12 06:03:38 raspberrypi CRON[15906]: pam_unix(cron:session): session closed for user root May 12 06:05:06 raspberrypi sudo: syd : TTY=pts/5 ; PWD=/home/syd ; USER=root ; COMMAND=/bin/su May 12 06:05:06 raspberrypi sudo: pam_unix(sudo:session): session opened for user root by syd(uid=0)
  2. May 12 06:05:06 raspberrypi su[15960]: Successful su for root by root May 12 06:05:06 raspberrypi su[15960]: + /dev/pts/5 root:root
  3. May 12 06:05:06 raspberrypi su[15960]: pam_unix(su:session): session opened for user root by syd(uid=0)
  4. May 12 06:05:06 raspberrypi su[15960]: pam_systemd(su:session): Cannot create session: Already running in a session
  5. May 12 06:05:38 raspberrypi sshd[15973]: error: Received disconnect from 68.224.171.98 port 39160:3: com.jcraft.jsch.JSchException: Auth cancel [preauth] May 12 06:05:38 raspberrypi sshd[15973]: Disconnected from 68.224.171.98 port 39160 [preauth]
  6. May 12 06:05:43 raspberrypi sshd[15977]: error: Received disconnect from 68.224.171.98 port 39162:3: com.jcraft.jsch.JSchException: Auth cancel [preauth]
  7. May 12 06:05:43 raspberrypi sshd[15977]: Disconnected from 68.224.171.98 port 39162 [preauth]
  8. ^C root@raspberrypi:/home/syd # tail -f /var/log/auth.log
  9. May 12 06:06:26 raspberrypi sshd[15987]: debug3: already daemonized May 12 06:06:26 raspberrypi sshd[15987]: debug3: oom_adjust_setup May 12 06:06:26 raspberrypi sshd[15987]: debug1: Set /proc/self/oom_score_adj from 0 to -1000
  10. May 12 06:06:26 raspberrypi sshd[15987]: debug2: fd 3 setting O_NONBLOCK May 12 06:06:26 raspberrypi sshd[15987]: debug1: Bind to port 22 on 0.0.0.0.
  11. May 12 06:06:26 raspberrypi sshd[15987]: Server listening on 0.0.0.0 port 22.
  12. May 12 06:06:26 raspberrypi sshd[15987]: debug2: fd 4 setting O_NONBLOCK
  13. May 12 06:06:26 raspberrypi sshd[15987]: debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
  14. May 12 06:06:26 raspberrypi sshd[15987]: debug1: Bind to port 22 on ::.
  15. May 12 06:06:26 raspberrypi sshd[15987]: Server listening on :: port 22.
  16. May 12 06:06:41 raspberrypi sshd[15987]: debug3: fd 5 is not O_NONBLOCK
  17. May 12 06:06:41 raspberrypi sshd[15989]: debug3: oom_adjust_restore
  18. May 12 06:06:41 raspberrypi sshd[15987]: debug1: Forked child 15989.
  19. May 12 06:06:41 raspberrypi sshd[15989]: debug1: Set /proc/self/oom_score_adj to 0
  20. May 12 06:06:41 raspberrypi sshd[15987]: debug3: send_rexec_state: entering fd = 8 config len 444
  21. May 12 06:06:41 raspberrypi sshd[15987]: debug3: ssh_msg_send: type 0
  22. May 12 06:06:41 raspberrypi sshd[15989]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
  23. May 12 06:06:41 raspberrypi sshd[15987]: debug3: send_rexec_state: done
  24. May 12 06:06:41 raspberrypi sshd[15989]: debug1: inetd sockets after dupping: 3, 3
  25. May 12 06:06:41 raspberrypi sshd[15989]: Connection from 68.224.171.98 port 39170 on 192.168.1.246 port 22
  26. May 12 06:06:41 raspberrypi sshd[15989]: debug1: Client protocol version 2.0; client software version JuiceSSH
  27. May 12 06:06:41 raspberrypi sshd[15989]: debug1: no match: JuiceSSH
  28. May 12 06:06:41 raspberrypi sshd[15989]: debug1: Local version string SSH-2.0-OpenSSH_7.4p1 Raspbian-10+deb9u6
  29. May 12 06:06:41 raspberrypi sshd[15989]: debug1: Enabling compatibility mode for protocol 2.0
  30. May 12 06:06:41 raspberrypi sshd[15989]: debug2: fd 3 setting O_NONBLOCK
  31. May 12 06:06:41 raspberrypi sshd[15989]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
  32. May 12 06:06:41 raspberrypi sshd[15989]: debug2: Network child is on pid 15990
  33. May 12 06:06:41 raspberrypi sshd[15989]: debug3: preauth child monitor started
  34. May 12 06:06:41 raspberrypi sshd[15989]: debug3: privsep user:group 107:65534 [preauth]
  35. May 12 06:06:41 raspberrypi sshd[15989]: debug1: permanently_set_uid: 107/65534 [preauth]
  36. May 12 06:06:41 raspberrypi sshd[15989]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
  37. May 12 06:06:41 raspberrypi sshd[15989]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
  38. May 12 06:06:41 raspberrypi sshd[15989]: debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
  39. May 12 06:06:41 raspberrypi sshd[15989]: debug3: send packet: type 20 [preauth]
  40. May 12 06:06:41 raspberrypi sshd[15989]: debug1: SSH2_MSG_KEXINIT sent [preauth]
  41. May 12 06:06:41 raspberrypi sshd[15989]: debug3: receive packet: type 20 [preauth]
  42. May 12 06:06:41 raspberrypi sshd[15989]: debug1: SSH2_MSG_KEXINIT received [preauth]May 12 06:06:41 raspberrypi sshd[15989]: debug2: local server KEXINIT proposal [preauth]
  43. May 12 06:06:41 raspberrypi sshd[15989]: debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
  44. May 12 06:06:41 raspberrypi sshd[15989]: debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
  45. May 12 06:06:41 raspberrypi sshd[15989]: debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
  46. May 12 06:06:41 raspberrypi sshd[15989]: debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
  47. May 12 06:06:41 raspberrypi sshd[15989]: debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
  48. May 12 06:06:41 raspberrypi sshd[15989]: debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
  49. May 12 06:06:41 raspberrypi sshd[15989]: debug2: compression ctos: none,zlib@openssh.com [preauth]
  50. May 12 06:06:41 raspberrypi sshd[15989]: debug2: compression stoc: none,zlib@openssh.com [preauth]
  51. May 12 06:06:41 raspberrypi sshd[15989]: debug2: languages ctos: [preauth]
  52. May 12 06:06:41 raspberrypi sshd[15989]: debug2: languages stoc: [preauth]
  53. May 12 06:06:41 raspberrypi sshd[15989]: debug2: first_kex_follows 0 [preauth]
  54. May 12 06:06:41 raspberrypi sshd[15989]: debug2: reserved 0 [preauth]
  55. May 12 06:06:41 raspberrypi sshd[15989]: debug2: peer client KEXINIT proposal [preauth]
  56. May 12 06:06:41 raspberrypi sshd[15989]: debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
  57. May 12 06:06:41 raspberrypi sshd[15989]: debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 [preauth]
  58. May 12 06:06:41 raspberrypi sshd[15989]: debug2: ciphers ctos: aes128-ctr,aes128-cbc,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr [preauth]
  59. May 12 06:06:41 raspberrypi sshd[15989]: debug2: ciphers stoc: aes128-ctr,aes128-cbc,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr [preauth]
  60. May 12 06:06:41 raspberrypi sshd[15989]: debug2: MACs ctos: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96 [preauth]
  61. May 12 06:06:41 raspberrypi sshd[15989]: debug2: MACs stoc: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha1-96,hmac-md5-96 [preauth]
  62. May 12 06:06:41 raspberrypi sshd[15989]: debug2: compression ctos: zlib@openssh.com,zlib,none [preauth]
  63. May 12 06:06:41 raspberrypi sshd[15989]: debug2: compression stoc: zlib@openssh.com,zlib,none [preauth]
  64. May 12 06:06:41 raspberrypi sshd[15989]: debug2: languages ctos: [preauth]
  65. May 12 06:06:41 raspberrypi sshd[15989]: debug2: languages stoc: [preauth]
  66. May 12 06:06:41 raspberrypi sshd[15989]: debug2: first_kex_follows 0 [preauth]
  67. May 12 06:06:41 raspberrypi sshd[15989]: debug2: reserved 0 [preauth]
  68. May 12 06:06:41 raspberrypi sshd[15989]: debug1: kex: algorithm: ecdh-sha2-nistp256 [preauth]
  69. May 12 06:06:41 raspberrypi sshd[15989]: debug1: kex: host key algorithm: ssh-rsa [preauth]
  70. May 12 06:06:41 raspberrypi sshd[15989]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: zlib@openssh.com [preauth]
  71. May 12 06:06:41 raspberrypi sshd[15989]: debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: zlib@openssh.com [preauth]
  72. May 12 06:06:41 raspberrypi sshd[15989]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
  73. May 12 06:06:41 raspberrypi sshd[15989]: debug3: receive packet: type 30 [preauth]
  74. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_key_sign entering [preauth]
  75. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 6 [preauth]
  76. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
  77. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_request_receive_expect entering: type 7 [preauth]
  78. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_request_receive entering [preauth]
  79. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_request_receive entering
  80. May 12 06:06:41 raspberrypi sshd[15989]: debug3: monitor_read: checking request 6
  81. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_answer_sign
  82. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_answer_sign: hostkey proof signature 0xb96fb8(271)
  83. May 12 06:06:41 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 7
  84. May 12 06:06:41 raspberrypi sshd[15989]: debug2: monitor_read: 6 used once, disabling now
  85. May 12 06:06:41 raspberrypi sshd[15989]: debug3: send packet: type 31 [preauth]
  86. May 12 06:06:41 raspberrypi sshd[15989]: debug3: send packet: type 21 [preauth]
  87. May 12 06:06:41 raspberrypi sshd[15989]: debug2: set_newkeys: mode 1 [preauth]
  88. May 12 06:06:41 raspberrypi sshd[15989]: debug1: rekey after 4294967296 blocks [preauth]
  89. May 12 06:06:41 raspberrypi sshd[15989]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
  90. May 12 06:06:41 raspberrypi sshd[15989]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
  91. May 12 06:06:41 raspberrypi sshd[15989]: debug3: receive packet: type 21 [preauth]
  92. May 12 06:06:41 raspberrypi sshd[15989]: debug1: SSH2_MSG_NEWKEYS received [preauth]May 12 06:06:41 raspberrypi sshd[15989]: debug2: set_newkeys: mode 0 [preauth]
  93. May 12 06:06:41 raspberrypi sshd[15989]: debug1: rekey after 4294967296 blocks [preauth]
  94. May 12 06:06:41 raspberrypi sshd[15989]: debug1: KEX done [preauth]
  95. May 12 06:06:42 raspberrypi sshd[15989]: debug3: receive packet: type 5 [preauth]
  96. May 12 06:06:42 raspberrypi sshd[15989]: debug3: send packet: type 6 [preauth]
  97. May 12 06:06:42 raspberrypi sshd[15989]: debug3: receive packet: type 50 [preauth]
  98. May 12 06:06:42 raspberrypi sshd[15989]: debug1: userauth-request for user syd service ssh-connection method none [preauth]
  99. May 12 06:06:42 raspberrypi sshd[15989]: debug1: attempt 0 failures 0 [preauth]
  100. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_getpwnamallow entering [preauth]May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 8 [preauth]
  101. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
  102. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive_expect entering: type 9 [preauth]
  103. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive entering [preauth]
  104. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive entering
  105. May 12 06:06:42 raspberrypi sshd[15989]: debug3: monitor_read: checking request 8
  106. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_answer_pwnamallow
  107. May 12 06:06:42 raspberrypi sshd[15989]: debug2: parse_server_config: config reprocess config len 444
  108. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
  109. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 9
  110. May 12 06:06:42 raspberrypi sshd[15989]: debug2: monitor_read: 8 used once, disabling now
  111. May 12 06:06:42 raspberrypi sshd[15989]: debug2: input_userauth_request: setting up authctxt for syd [preauth]
  112. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_start_pam entering [preauth]
  113. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 100 [preauth]
  114. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_inform_authserv entering [preauth]
  115. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_send entering: type 4 [preauth]
  116. May 12 06:06:42 raspberrypi sshd[15989]: debug2: input_userauth_request: try method none [preauth]
  117. May 12 06:06:42 raspberrypi sshd[15989]: debug3: userauth_finish: failure partial=0 next methods="publickey,password" [preauth]
  118. May 12 06:06:42 raspberrypi sshd[15989]: debug3: send packet: type 51 [preauth]
  119. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive entering
  120. May 12 06:06:42 raspberrypi sshd[15989]: debug3: monitor_read: checking request 100
  121. May 12 06:06:42 raspberrypi sshd[15989]: debug1: PAM: initializing for "syd"
  122. May 12 06:06:42 raspberrypi sshd[15989]: debug1: PAM: setting PAM_RHOST to "68.224.171.98"
  123. May 12 06:06:42 raspberrypi sshd[15989]: debug1: PAM: setting PAM_TTY to "ssh"
  124. May 12 06:06:42 raspberrypi sshd[15989]: debug2: monitor_read: 100 used once, disabling now
  125. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive entering
  126. May 12 06:06:42 raspberrypi sshd[15989]: debug3: monitor_read: checking request 4
  127. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_answer_authserv: service=ssh-connection, style=, role=
  128. May 12 06:06:42 raspberrypi sshd[15989]: debug2: monitor_read: 4 used once, disabling now
  129. May 12 06:06:42 raspberrypi sshd[15989]: debug3: receive packet: type 1 [preauth]
  130. May 12 06:06:42 raspberrypi sshd[15989]: error: Received disconnect from 68.224.171.98 port 39170:3: com.jcraft.jsch.JSchException: Auth cancel [preauth]
  131. May 12 06:06:42 raspberrypi sshd[15989]: Disconnected from 68.224.171.98 port 39170 [preauth]
  132. May 12 06:06:42 raspberrypi sshd[15989]: debug1: do_cleanup [preauth]
  133. May 12 06:06:42 raspberrypi sshd[15989]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
  134. May 12 06:06:42 raspberrypi sshd[15989]: debug1: monitor_read_log: child log fd closed
  135. May 12 06:06:42 raspberrypi sshd[15989]: debug3: mm_request_receive entering
  136. May 12 06:06:42 raspberrypi sshd[15989]: debug1: do_cleanup
  137. May 12 06:06:42 raspberrypi sshd[15989]: debug1: PAM: cleanup
  138. May 12 06:06:42 raspberrypi sshd[15989]: debug3: PAM: sshpam_thread_cleanup enteringMay 12 06:06:42 raspberrypi sshd[15989]: debug1: Killing privsep child 15990
  139. May 12 06:06:42 raspberrypi sshd[15989]: debug1: audit_event: unhandled event 12
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement