ubuntu@ip-172-31-46-92:/var/log$ cat auth.log 
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: new group: name=ubuntu, GID=1000
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: new user: name=ubuntu, UID=1000, GID=1000, home=/home/ubuntu, shell=/bin/bash
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'adm'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'dialout'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'cdrom'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'floppy'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'sudo'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'audio'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'dip'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'video'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'plugdev'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'netdev'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to group 'lxd'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'adm'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'dialout'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'cdrom'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'floppy'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'sudo'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'audio'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'dip'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'video'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'plugdev'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'netdev'
Jul 25 17:59:08 ip-172-31-46-92 useradd[1051]: add 'ubuntu' to shadow group 'lxd'
Jul 25 17:59:08 ip-172-31-46-92 passwd[1056]: password for 'ubuntu' changed by 'root'
Jul 25 17:59:09 ip-172-31-46-92 sshd[1285]: Server listening on 0.0.0.0 port 22.
Jul 25 17:59:09 ip-172-31-46-92 sshd[1285]: Server listening on :: port 22.
Jul 25 17:59:09 ip-172-31-46-92 systemd-logind[1091]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 25 17:59:09 ip-172-31-46-92 systemd-logind[1091]: Watching system buttons on /dev/input/event1 (Sleep Button)
Jul 25 17:59:09 ip-172-31-46-92 systemd-logind[1091]: New seat seat0.
Jul 25 18:17:01 ip-172-31-46-92 CRON[1362]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 25 18:17:01 ip-172-31-46-92 CRON[1362]: pam_unix(cron:session): session closed for user root
Jul 25 18:17:29 ip-172-31-46-92 sshd[1285]: Received signal 15; terminating.
Jul 26 07:22:25 ip-172-31-46-92 sshd[1135]: Server listening on 0.0.0.0 port 22.
Jul 26 07:22:25 ip-172-31-46-92 sshd[1135]: Server listening on :: port 22.
Jul 26 07:22:25 ip-172-31-46-92 systemd-logind[1146]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 26 07:22:25 ip-172-31-46-92 systemd-logind[1146]: Watching system buttons on /dev/input/event1 (Sleep Button)
Jul 26 07:22:25 ip-172-31-46-92 systemd-logind[1146]: New seat seat0.
Jul 26 07:33:44 ip-172-31-46-92 sshd[16287]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 07:33:44 ip-172-31-46-92 sshd[16287]: Connection closed by 195.212.29.184 port 48856 [preauth]
Jul 26 07:36:34 ip-172-31-46-92 sshd[16289]: Invalid user admin from 213.216.48.2
Jul 26 07:36:34 ip-172-31-46-92 sshd[16289]: input_userauth_request: invalid user admin [preauth]
Jul 26 07:36:34 ip-172-31-46-92 sshd[16289]: error: maximum authentication attempts exceeded for invalid user admin from 213.216.48.2 port 60935 ssh2 [preauth]
Jul 26 07:36:34 ip-172-31-46-92 sshd[16289]: Disconnecting: Too many authentication failures [preauth]
Jul 26 07:39:17 ip-172-31-46-92 sshd[16295]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 07:39:17 ip-172-31-46-92 sshd[16295]: Accepted publickey for ubuntu from 195.212.29.184 port 48902 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 07:39:17 ip-172-31-46-92 sshd[16295]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 07:39:17 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 07:39:17 ip-172-31-46-92 systemd-logind[1146]: New session 1 of user ubuntu.
Jul 26 07:43:56 ip-172-31-46-92 sshd[16354]: Received disconnect from 195.212.29.184 port 48902:11: disconnected by user
Jul 26 07:43:56 ip-172-31-46-92 sshd[16354]: Disconnected from 195.212.29.184 port 48902
Jul 26 07:43:56 ip-172-31-46-92 sshd[16295]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 07:43:56 ip-172-31-46-92 systemd-logind[1146]: Removed session 1.
Jul 26 07:44:13 ip-172-31-46-92 sshd[1135]: Received signal 15; terminating.
Jul 26 11:15:05 ip-172-31-46-92 sshd[1119]: Server listening on 0.0.0.0 port 22.
Jul 26 11:15:05 ip-172-31-46-92 sshd[1119]: Server listening on :: port 22.
Jul 26 11:15:05 ip-172-31-46-92 systemd-logind[1124]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 26 11:15:05 ip-172-31-46-92 systemd-logind[1124]: Watching system buttons on /dev/input/event1 (Sleep Button)
Jul 26 11:15:05 ip-172-31-46-92 systemd-logind[1124]: New seat seat0.
Jul 26 11:15:57 ip-172-31-46-92 sshd[1270]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 11:15:57 ip-172-31-46-92 sshd[1270]: Accepted publickey for ubuntu from 195.212.29.187 port 41592 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 11:15:57 ip-172-31-46-92 sshd[1270]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 11:15:57 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 11:15:57 ip-172-31-46-92 systemd-logind[1124]: New session 1 of user ubuntu.
Jul 26 11:17:01 ip-172-31-46-92 CRON[1350]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 11:17:01 ip-172-31-46-92 CRON[1350]: pam_unix(cron:session): session closed for user root
Jul 26 11:17:04 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/usr/sbin/adduser tomasz
Jul 26 11:17:04 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 11:17:04 ip-172-31-46-92 groupadd[1355]: group added to /etc/group: name=tomasz, GID=1001
Jul 26 11:17:04 ip-172-31-46-92 groupadd[1355]: group added to /etc/gshadow: name=tomasz
Jul 26 11:17:04 ip-172-31-46-92 groupadd[1355]: new group: name=tomasz, GID=1001
Jul 26 11:17:04 ip-172-31-46-92 useradd[1359]: new user: name=tomasz, UID=1001, GID=1001, home=/home/tomasz, shell=/bin/bash
Jul 26 11:18:52 ip-172-31-46-92 passwd[1366]: pam_unix(passwd:chauthtok): password changed for tomasz
Jul 26 11:19:50 ip-172-31-46-92 chfn[1367]: changed user 'tomasz' information
Jul 26 11:19:53 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 11:27:26 ip-172-31-46-92 sshd[1270]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 11:27:26 ip-172-31-46-92 systemd-logind[1124]: Removed session 1.
Jul 26 11:30:12 ip-172-31-46-92 sshd[1394]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 11:30:12 ip-172-31-46-92 sshd[1394]: Accepted publickey for ubuntu from 195.212.29.187 port 41762 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 11:30:12 ip-172-31-46-92 sshd[1394]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 11:30:12 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 11:30:12 ip-172-31-46-92 systemd-logind[1124]: New session 3 of user ubuntu.
Jul 26 11:34:40 ip-172-31-46-92 su[1464]: Successful su for tomasz by ubuntu
Jul 26 11:34:40 ip-172-31-46-92 su[1464]: + /dev/pts/0 ubuntu:tomasz
Jul 26 11:34:40 ip-172-31-46-92 su[1464]: pam_unix(su:session): session opened for user tomasz by ubuntu(uid=1000)
Jul 26 11:34:40 ip-172-31-46-92 su[1464]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 26 11:39:40 ip-172-31-46-92 su[1464]: pam_unix(su:session): session closed for user tomasz
Jul 26 11:44:14 ip-172-31-46-92 sshd[1394]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 11:44:14 ip-172-31-46-92 systemd-logind[1124]: Removed session 3.
Jul 26 12:17:01 ip-172-31-46-92 CRON[1541]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 12:17:01 ip-172-31-46-92 CRON[1541]: pam_unix(cron:session): session closed for user root
Jul 26 12:17:44 ip-172-31-46-92 sshd[1544]: Did not receive identification string from 220.178.78.130
Jul 26 12:28:01 ip-172-31-46-92 CRON[1547]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 12:28:01 ip-172-31-46-92 CRON[1547]: pam_unix(cron:session): session closed for user root
Jul 26 13:17:01 ip-172-31-46-92 CRON[1574]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 13:17:01 ip-172-31-46-92 CRON[1574]: pam_unix(cron:session): session closed for user root
Jul 26 13:25:06 ip-172-31-46-92 sshd[1589]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 13:25:07 ip-172-31-46-92 sshd[1589]: Accepted publickey for ubuntu from 195.212.29.187 port 43486 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 13:25:07 ip-172-31-46-92 sshd[1589]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 13:25:07 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 13:25:07 ip-172-31-46-92 systemd-logind[1124]: New session 7 of user ubuntu.
Jul 26 13:25:42 ip-172-31-46-92 sshd[1668]: Connection closed by 23.92.208.245 port 25224 [preauth]
Jul 26 13:25:49 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/usr/bin/apt-get update
Jul 26 13:25:49 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:25:52 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 13:26:08 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/usr/bin/apt-get install -y htop
Jul 26 13:26:08 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:26:10 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 13:33:32 ip-172-31-46-92 sshd[1589]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 13:33:32 ip-172-31-46-92 systemd-logind[1124]: Removed session 7.
Jul 26 13:33:32 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session closed for user ubuntu
Jul 26 13:36:59 ip-172-31-46-92 sshd[2138]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 13:36:59 ip-172-31-46-92 sshd[2138]: Accepted publickey for ubuntu from 195.212.29.187 port 43704 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 13:36:59 ip-172-31-46-92 sshd[2138]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 13:36:59 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 13:36:59 ip-172-31-46-92 systemd-logind[1124]: New session 8 of user ubuntu.
Jul 26 13:38:18 ip-172-31-46-92 su[2192]: Successful su for tomasz by ubuntu
Jul 26 13:38:18 ip-172-31-46-92 su[2192]: + /dev/pts/0 ubuntu:tomasz
Jul 26 13:38:18 ip-172-31-46-92 su[2192]: pam_unix(su:session): session opened for user tomasz by ubuntu(uid=1000)
Jul 26 13:38:18 ip-172-31-46-92 su[2192]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 26 13:40:28 ip-172-31-46-92 sudo:   tomasz : user NOT in sudoers ; TTY=pts/0 ; PWD=/home/tomasz ; USER=root ; COMMAND=/usr/sbin/visudo
Jul 26 13:41:00 ip-172-31-46-92 su[2192]: pam_unix(su:session): session closed for user tomasz
Jul 26 13:41:16 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/usr/sbin/visudo
Jul 26 13:41:16 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:44:57 ip-172-31-46-92 sshd[2176]: Received disconnect from 195.212.29.187 port 43704:11: disconnected by user
Jul 26 13:44:57 ip-172-31-46-92 sshd[2176]: Disconnected from 195.212.29.187 port 43704
Jul 26 13:44:57 ip-172-31-46-92 sshd[2138]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 13:44:57 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 13:44:57 ip-172-31-46-92 systemd-logind[1124]: Removed session 8.
Jul 26 13:45:09 ip-172-31-46-92 sshd[2230]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 26 13:45:09 ip-172-31-46-92 sshd[2230]: Accepted publickey for ubuntu from 195.212.29.187 port 43784 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 13:45:09 ip-172-31-46-92 sshd[2230]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 13:45:09 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 13:45:09 ip-172-31-46-92 systemd-logind[1124]: New session 9 of user ubuntu.
Jul 26 13:46:03 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/bin/su
Jul 26 13:46:03 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:46:03 ip-172-31-46-92 su[2291]: Successful su for root by root
Jul 26 13:46:03 ip-172-31-46-92 su[2291]: + /dev/pts/0 root:root
Jul 26 13:46:03 ip-172-31-46-92 su[2291]: pam_unix(su:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:46:03 ip-172-31-46-92 su[2291]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 26 13:47:35 ip-172-31-46-92 sudo:     root : TTY=pts/0 ; PWD=/etc/sudoers.d ; USER=root ; COMMAND=/usr/sbin/visudo
Jul 26 13:47:35 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 26 13:51:49 ip-172-31-46-92 sshd[2268]: Received disconnect from 195.212.29.187 port 43784:11: disconnected by user
Jul 26 13:51:49 ip-172-31-46-92 sshd[2268]: Disconnected from 195.212.29.187 port 43784
Jul 26 13:51:49 ip-172-31-46-92 sshd[2230]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 13:51:49 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 13:51:49 ip-172-31-46-92 su[2291]: pam_unix(su:session): session closed for user root
Jul 26 13:51:49 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 26 13:51:49 ip-172-31-46-92 systemd-logind[1124]: Removed session 9.
Jul 26 13:51:49 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session closed for user ubuntu
Jul 26 16:32:41 ip-172-31-46-92 sshd[1112]: Server listening on 0.0.0.0 port 22.
Jul 26 16:32:41 ip-172-31-46-92 sshd[1112]: Server listening on :: port 22.
Jul 26 16:32:41 ip-172-31-46-92 systemd-logind[1074]: Watching system buttons on /dev/input/event0 (Power Button)
Jul 26 16:32:41 ip-172-31-46-92 systemd-logind[1074]: Watching system buttons on /dev/input/event1 (Sleep Button)
Jul 26 16:32:41 ip-172-31-46-92 systemd-logind[1074]: New seat seat0.
Jul 26 16:47:07 ip-172-31-46-92 sshd[1242]: fatal: Unable to negotiate with 103.207.36.231 port 62030: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
Jul 26 16:47:12 ip-172-31-46-92 sshd[1244]: fatal: Unable to negotiate with 103.207.36.231 port 64058: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
Jul 26 16:47:53 ip-172-31-46-92 sshd[1251]: error: Received disconnect from 188.121.0.11 port 51647:14: No supported authentication methods available [preauth]
Jul 26 16:47:53 ip-172-31-46-92 sshd[1251]: Disconnected from 188.121.0.11 port 51647 [preauth]
Jul 26 16:59:49 ip-172-31-46-92 sshd[1253]: error: Received disconnect from 188.121.0.11 port 51735:14: No supported authentication methods available [preauth]
Jul 26 16:59:49 ip-172-31-46-92 sshd[1253]: Disconnected from 188.121.0.11 port 51735 [preauth]
Jul 26 17:01:31 ip-172-31-46-92 sshd[1267]: error: Received disconnect from 188.121.0.11 port 51747:14: No supported authentication methods available [preauth]
Jul 26 17:01:31 ip-172-31-46-92 sshd[1267]: Disconnected from 188.121.0.11 port 51747 [preauth]
Jul 26 17:17:01 ip-172-31-46-92 CRON[1269]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 17:17:01 ip-172-31-46-92 CRON[1269]: pam_unix(cron:session): session closed for user root
Jul 26 17:18:15 ip-172-31-46-92 sshd[1272]: error: Received disconnect from 188.121.0.11 port 52271:14: No supported authentication methods available [preauth]
Jul 26 17:18:15 ip-172-31-46-92 sshd[1272]: Disconnected from 188.121.0.11 port 52271 [preauth]
Jul 26 17:19:55 ip-172-31-46-92 sshd[1274]: error: Received disconnect from 188.121.0.11 port 52315:14: No supported authentication methods available [preauth]
Jul 26 17:19:55 ip-172-31-46-92 sshd[1274]: Disconnected from 188.121.0.11 port 52315 [preauth]
Jul 26 17:20:57 ip-172-31-46-92 sshd[1276]: Invalid user ubuntu@52.58.74.21 from 188.121.0.11
Jul 26 17:20:57 ip-172-31-46-92 sshd[1276]: input_userauth_request: invalid user ubuntu@52.58.74.21 [preauth]
Jul 26 17:20:57 ip-172-31-46-92 sshd[1276]: error: Received disconnect from 188.121.0.11 port 52325:14: No supported authentication methods available [preauth]
Jul 26 17:20:57 ip-172-31-46-92 sshd[1276]: Disconnected from 188.121.0.11 port 52325 [preauth]
Jul 26 17:23:03 ip-172-31-46-92 sshd[1278]: Connection closed by 188.121.0.11 port 52348 [preauth]
Jul 26 17:25:58 ip-172-31-46-92 sshd[1280]: Received disconnect from 116.31.116.52 port 28664:11:  [preauth]
Jul 26 17:25:58 ip-172-31-46-92 sshd[1280]: Disconnected from 116.31.116.52 port 28664 [preauth]
Jul 26 17:42:26 ip-172-31-46-92 sshd[1294]: error: Received disconnect from 188.121.0.11 port 52526:14: No supported authentication methods available [preauth]
Jul 26 17:42:26 ip-172-31-46-92 sshd[1294]: Disconnected from 188.121.0.11 port 52526 [preauth]
Jul 26 17:43:11 ip-172-31-46-92 sshd[1296]: Accepted publickey for root from 188.121.0.11 port 52532 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 17:43:11 ip-172-31-46-92 sshd[1296]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jul 26 17:43:11 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0)
Jul 26 17:43:11 ip-172-31-46-92 systemd-logind[1074]: New session 2 of user root.
Jul 26 17:43:22 ip-172-31-46-92 sshd[1296]: pam_unix(sshd:session): session closed for user root
Jul 26 17:43:22 ip-172-31-46-92 systemd-logind[1074]: Removed session 2.
Jul 26 17:44:01 ip-172-31-46-92 sshd[1368]: Accepted publickey for ubuntu from 188.121.0.11 port 52537 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 26 17:44:01 ip-172-31-46-92 sshd[1368]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 26 17:44:01 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 26 17:44:01 ip-172-31-46-92 systemd-logind[1074]: New session 3 of user ubuntu.
Jul 26 17:44:35 ip-172-31-46-92 su[1422]: Successful su for tomasz by ubuntu
Jul 26 17:44:35 ip-172-31-46-92 su[1422]: + /dev/pts/0 ubuntu:tomasz
Jul 26 17:44:35 ip-172-31-46-92 su[1422]: pam_unix(su:session): session opened for user tomasz by ubuntu(uid=1000)
Jul 26 17:44:35 ip-172-31-46-92 su[1422]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 26 17:56:23 ip-172-31-46-92 su[1422]: pam_unix(su:session): session closed for user tomasz
Jul 26 17:56:26 ip-172-31-46-92 sshd[1368]: pam_unix(sshd:session): session closed for user ubuntu
Jul 26 17:56:26 ip-172-31-46-92 systemd-logind[1074]: Removed session 3.
Jul 26 18:17:01 ip-172-31-46-92 CRON[1473]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 18:17:01 ip-172-31-46-92 CRON[1473]: pam_unix(cron:session): session closed for user root
Jul 26 18:24:21 ip-172-31-46-92 sshd[1488]: Invalid user 0 from 91.197.232.107
Jul 26 18:24:21 ip-172-31-46-92 sshd[1488]: input_userauth_request: invalid user 0 [preauth]
Jul 26 18:24:21 ip-172-31-46-92 sshd[1488]: Connection closed by 91.197.232.107 port 56957 [preauth]
Jul 26 18:24:22 ip-172-31-46-92 sshd[1490]: Invalid user 0000 from 91.197.232.107
Jul 26 18:24:22 ip-172-31-46-92 sshd[1490]: input_userauth_request: invalid user 0000 [preauth]
Jul 26 18:24:22 ip-172-31-46-92 sshd[1490]: Connection closed by 91.197.232.107 port 33681 [preauth]
Jul 26 18:24:42 ip-172-31-46-92 sshd[1492]: Invalid user 010101 from 91.197.232.107
Jul 26 18:24:42 ip-172-31-46-92 sshd[1492]: input_userauth_request: invalid user 010101 [preauth]
Jul 26 18:24:42 ip-172-31-46-92 sshd[1492]: Connection closed by 91.197.232.107 port 41119 [preauth]
Jul 26 18:24:44 ip-172-31-46-92 sshd[1494]: Invalid user 1111 from 91.197.232.107
Jul 26 18:24:44 ip-172-31-46-92 sshd[1494]: input_userauth_request: invalid user 1111 [preauth]
Jul 26 18:24:45 ip-172-31-46-92 sshd[1494]: Connection closed by 91.197.232.107 port 42934 [preauth]
Jul 26 18:24:53 ip-172-31-46-92 sshd[1496]: Connection closed by 91.197.232.107 port 60618 [preauth]
Jul 26 18:24:54 ip-172-31-46-92 sshd[1498]: Invalid user 1234 from 91.197.232.107
Jul 26 18:24:54 ip-172-31-46-92 sshd[1498]: input_userauth_request: invalid user 1234 [preauth]
Jul 26 18:24:54 ip-172-31-46-92 sshd[1498]: Connection closed by 91.197.232.107 port 36092 [preauth]
Jul 26 18:25:09 ip-172-31-46-92 sshd[1500]: Invalid user admin from 91.197.232.107
Jul 26 18:25:09 ip-172-31-46-92 sshd[1500]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:09 ip-172-31-46-92 sshd[1500]: Connection closed by 91.197.232.107 port 54703 [preauth]
Jul 26 18:25:19 ip-172-31-46-92 sshd[1502]: Invalid user admin from 91.197.232.107
Jul 26 18:25:19 ip-172-31-46-92 sshd[1502]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:21 ip-172-31-46-92 sshd[1502]: Connection closed by 91.197.232.107 port 43460 [preauth]
Jul 26 18:25:27 ip-172-31-46-92 sshd[1504]: Invalid user admin from 91.197.232.107
Jul 26 18:25:27 ip-172-31-46-92 sshd[1504]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:28 ip-172-31-46-92 sshd[1504]: Connection closed by 91.197.232.107 port 48826 [preauth]
Jul 26 18:25:35 ip-172-31-46-92 sshd[1506]: Invalid user admin from 91.197.232.107
Jul 26 18:25:35 ip-172-31-46-92 sshd[1506]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:37 ip-172-31-46-92 sshd[1506]: Connection closed by 91.197.232.107 port 48478 [preauth]
Jul 26 18:25:44 ip-172-31-46-92 sshd[1508]: Invalid user admin from 91.197.232.107
Jul 26 18:25:44 ip-172-31-46-92 sshd[1508]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:47 ip-172-31-46-92 sshd[1508]: Connection closed by 91.197.232.107 port 55165 [preauth]
Jul 26 18:25:53 ip-172-31-46-92 sshd[1510]: Invalid user admin from 91.197.232.107
Jul 26 18:25:53 ip-172-31-46-92 sshd[1510]: input_userauth_request: invalid user admin [preauth]
Jul 26 18:25:53 ip-172-31-46-92 sshd[1510]: Connection closed by 91.197.232.107 port 40203 [preauth]
Jul 26 18:26:00 ip-172-31-46-92 sshd[1512]: Invalid user api from 91.197.232.107
Jul 26 18:26:00 ip-172-31-46-92 sshd[1512]: input_userauth_request: invalid user api [preauth]
Jul 26 18:26:00 ip-172-31-46-92 sshd[1512]: Connection closed by 91.197.232.107 port 46706 [preauth]
Jul 26 18:26:13 ip-172-31-46-92 sshd[1514]: Invalid user dbadmin from 91.197.232.107
Jul 26 18:26:13 ip-172-31-46-92 sshd[1514]: input_userauth_request: invalid user dbadmin [preauth]
Jul 26 18:26:13 ip-172-31-46-92 sshd[1514]: Connection closed by 91.197.232.107 port 44679 [preauth]
Jul 26 18:26:17 ip-172-31-46-92 sshd[1516]: Invalid user default from 91.197.232.107
Jul 26 18:26:17 ip-172-31-46-92 sshd[1516]: input_userauth_request: invalid user default [preauth]
Jul 26 18:26:17 ip-172-31-46-92 sshd[1516]: Connection closed by 91.197.232.107 port 57031 [preauth]
Jul 26 18:26:27 ip-172-31-46-92 sshd[1518]: Invalid user default from 91.197.232.107
Jul 26 18:26:27 ip-172-31-46-92 sshd[1518]: input_userauth_request: invalid user default [preauth]
Jul 26 18:26:27 ip-172-31-46-92 sshd[1518]: Connection closed by 91.197.232.107 port 49165 [preauth]
Jul 26 18:26:27 ip-172-31-46-92 sshd[1520]: Invalid user ftp from 91.197.232.107
Jul 26 18:26:27 ip-172-31-46-92 sshd[1520]: input_userauth_request: invalid user ftp [preauth]
Jul 26 18:26:27 ip-172-31-46-92 sshd[1520]: Connection closed by 91.197.232.107 port 60401 [preauth]
Jul 26 18:26:28 ip-172-31-46-92 sshd[1522]: Invalid user ftpuser from 91.197.232.107
Jul 26 18:26:28 ip-172-31-46-92 sshd[1522]: input_userauth_request: invalid user ftpuser [preauth]
Jul 26 18:26:28 ip-172-31-46-92 sshd[1522]: Connection closed by 91.197.232.107 port 34124 [preauth]
Jul 26 18:26:30 ip-172-31-46-92 sshd[1524]: Invalid user git from 91.197.232.107
Jul 26 18:26:30 ip-172-31-46-92 sshd[1524]: input_userauth_request: invalid user git [preauth]
Jul 26 18:26:30 ip-172-31-46-92 sshd[1524]: Connection closed by 91.197.232.107 port 42208 [preauth]
Jul 26 18:26:39 ip-172-31-46-92 sshd[1526]: Connection closed by 91.197.232.107 port 54303 [preauth]
Jul 26 18:26:44 ip-172-31-46-92 sshd[1528]: Invalid user gpadmin from 91.197.232.107
Jul 26 18:26:44 ip-172-31-46-92 sshd[1528]: input_userauth_request: invalid user gpadmin [preauth]
Jul 26 18:26:44 ip-172-31-46-92 sshd[1528]: Connection closed by 91.197.232.107 port 37534 [preauth]
Jul 26 18:26:44 ip-172-31-46-92 sshd[1530]: Invalid user guest from 91.197.232.107
Jul 26 18:26:44 ip-172-31-46-92 sshd[1530]: input_userauth_request: invalid user guest [preauth]
Jul 26 18:26:44 ip-172-31-46-92 sshd[1530]: Connection closed by 91.197.232.107 port 52905 [preauth]
Jul 26 18:26:45 ip-172-31-46-92 sshd[1532]: Invalid user monitor from 91.197.232.107
Jul 26 18:26:45 ip-172-31-46-92 sshd[1532]: input_userauth_request: invalid user monitor [preauth]
Jul 26 18:26:45 ip-172-31-46-92 sshd[1532]: Connection closed by 91.197.232.107 port 53838 [preauth]
Jul 26 18:26:47 ip-172-31-46-92 sshd[1534]: Invalid user mysql from 91.197.232.107
Jul 26 18:26:47 ip-172-31-46-92 sshd[1534]: input_userauth_request: invalid user mysql [preauth]
Jul 26 18:26:47 ip-172-31-46-92 sshd[1534]: Connection closed by 91.197.232.107 port 55250 [preauth]
Jul 26 18:26:50 ip-172-31-46-92 sshd[1536]: Invalid user mysql from 91.197.232.107
Jul 26 18:26:50 ip-172-31-46-92 sshd[1536]: input_userauth_request: invalid user mysql [preauth]
Jul 26 18:26:50 ip-172-31-46-92 sshd[1536]: Connection closed by 91.197.232.107 port 60922 [preauth]
Jul 26 18:26:58 ip-172-31-46-92 sshd[1538]: Invalid user operator from 91.197.232.107
Jul 26 18:26:58 ip-172-31-46-92 sshd[1538]: input_userauth_request: invalid user operator [preauth]
Jul 26 18:26:58 ip-172-31-46-92 sshd[1538]: Connection closed by 91.197.232.107 port 44564 [preauth]
Jul 26 18:27:02 ip-172-31-46-92 sshd[1540]: Invalid user osmc from 91.197.232.107
Jul 26 18:27:02 ip-172-31-46-92 sshd[1540]: input_userauth_request: invalid user osmc [preauth]
Jul 26 18:27:02 ip-172-31-46-92 sshd[1540]: Connection closed by 91.197.232.107 port 53853 [preauth]
Jul 26 18:27:10 ip-172-31-46-92 sshd[1542]: Invalid user pi from 91.197.232.107
Jul 26 18:27:10 ip-172-31-46-92 sshd[1542]: input_userauth_request: invalid user pi [preauth]
Jul 26 18:27:11 ip-172-31-46-92 sshd[1542]: Connection closed by 91.197.232.107 port 38048 [preauth]
Jul 26 18:27:17 ip-172-31-46-92 sshd[1544]: Connection closed by 91.197.232.107 port 48625 [preauth]
Jul 26 18:27:37 ip-172-31-46-92 sshd[1546]: Connection closed by 91.197.232.107 port 42536 [preauth]
Jul 26 18:27:44 ip-172-31-46-92 sshd[1548]: Connection closed by 91.197.232.107 port 47173 [preauth]
Jul 26 18:27:50 ip-172-31-46-92 sshd[1550]: Invalid user service from 91.197.232.107
Jul 26 18:27:50 ip-172-31-46-92 sshd[1550]: input_userauth_request: invalid user service [preauth]
Jul 26 18:27:56 ip-172-31-46-92 sshd[1550]: Connection closed by 91.197.232.107 port 33446 [preauth]
Jul 26 18:28:03 ip-172-31-46-92 sshd[1552]: Connection closed by 91.197.232.107 port 44837 [preauth]
Jul 26 18:28:08 ip-172-31-46-92 sshd[1554]: Invalid user support from 91.197.232.107
Jul 26 18:28:08 ip-172-31-46-92 sshd[1554]: input_userauth_request: invalid user support [preauth]
Jul 26 18:28:08 ip-172-31-46-92 sshd[1554]: Connection closed by 91.197.232.107 port 54265 [preauth]
Jul 26 18:28:17 ip-172-31-46-92 sshd[1556]: Invalid user sysadmin from 91.197.232.107
Jul 26 18:28:17 ip-172-31-46-92 sshd[1556]: input_userauth_request: invalid user sysadmin [preauth]
Jul 26 18:28:17 ip-172-31-46-92 sshd[1556]: Connection closed by 91.197.232.107 port 37494 [preauth]
Jul 26 18:28:26 ip-172-31-46-92 sshd[1558]: Invalid user telecomadmin from 91.197.232.107
Jul 26 18:28:26 ip-172-31-46-92 sshd[1558]: input_userauth_request: invalid user telecomadmin [preauth]
Jul 26 18:28:26 ip-172-31-46-92 sshd[1558]: Connection closed by 91.197.232.107 port 47241 [preauth]
Jul 26 18:28:31 ip-172-31-46-92 sshd[1560]: Invalid user telnet from 91.197.232.107
Jul 26 18:28:31 ip-172-31-46-92 sshd[1560]: input_userauth_request: invalid user telnet [preauth]
Jul 26 18:28:31 ip-172-31-46-92 sshd[1560]: Connection closed by 91.197.232.107 port 58893 [preauth]
Jul 26 18:28:34 ip-172-31-46-92 sshd[1562]: Invalid user test from 91.197.232.107
Jul 26 18:28:34 ip-172-31-46-92 sshd[1562]: input_userauth_request: invalid user test [preauth]
Jul 26 18:28:34 ip-172-31-46-92 sshd[1562]: Connection closed by 91.197.232.107 port 48519 [preauth]
Jul 26 18:28:38 ip-172-31-46-92 sshd[1564]: Connection closed by 91.197.232.107 port 59037 [preauth]
Jul 26 18:28:47 ip-172-31-46-92 sshd[1566]: Invalid user ubnt from 91.197.232.107
Jul 26 18:28:47 ip-172-31-46-92 sshd[1566]: input_userauth_request: invalid user ubnt [preauth]
Jul 26 18:28:47 ip-172-31-46-92 sshd[1566]: Connection closed by 91.197.232.107 port 52945 [preauth]
Jul 26 18:28:59 ip-172-31-46-92 sshd[1568]: Invalid user user from 91.197.232.107
Jul 26 18:28:59 ip-172-31-46-92 sshd[1568]: input_userauth_request: invalid user user [preauth]
Jul 26 18:29:00 ip-172-31-46-92 sshd[1568]: Connection closed by 91.197.232.107 port 59453 [preauth]
Jul 26 18:29:17 ip-172-31-46-92 sshd[1570]: Invalid user user1 from 91.197.232.107
Jul 26 18:29:17 ip-172-31-46-92 sshd[1570]: input_userauth_request: invalid user user1 [preauth]
Jul 26 18:29:17 ip-172-31-46-92 sshd[1570]: Connection closed by 91.197.232.107 port 53629 [preauth]
Jul 26 18:29:21 ip-172-31-46-92 sshd[1572]: Connection closed by 91.197.232.107 port 36000 [preauth]
Jul 26 19:17:01 ip-172-31-46-92 CRON[1598]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 19:17:01 ip-172-31-46-92 CRON[1598]: pam_unix(cron:session): session closed for user root
Jul 26 19:38:28 ip-172-31-46-92 sshd[1601]: error: maximum authentication attempts exceeded for root from 36.155.7.4 port 38171 ssh2 [preauth]
Jul 26 19:38:28 ip-172-31-46-92 sshd[1601]: Disconnecting: Too many authentication failures [preauth]
Jul 26 20:17:01 ip-172-31-46-92 CRON[1627]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 20:17:01 ip-172-31-46-92 CRON[1627]: pam_unix(cron:session): session closed for user root
Jul 26 21:17:01 ip-172-31-46-92 CRON[1725]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 21:17:01 ip-172-31-46-92 CRON[1725]: pam_unix(cron:session): session closed for user root
Jul 26 21:21:58 ip-172-31-46-92 sshd[1740]: Bad protocol version identification '' from 183.196.44.109 port 57750
Jul 26 22:17:01 ip-172-31-46-92 CRON[1753]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 22:17:01 ip-172-31-46-92 CRON[1753]: pam_unix(cron:session): session closed for user root
Jul 26 23:17:01 ip-172-31-46-92 CRON[1792]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 26 23:17:01 ip-172-31-46-92 CRON[1792]: pam_unix(cron:session): session closed for user root
Jul 27 00:02:01 ip-172-31-46-92 sshd[1819]: Received disconnect from 59.45.175.88 port 50661:11:  [preauth]
Jul 27 00:02:01 ip-172-31-46-92 sshd[1819]: Disconnected from 59.45.175.88 port 50661 [preauth]
Jul 27 00:02:23 ip-172-31-46-92 sshd[1821]: Received disconnect from 59.45.175.62 port 43006:11:  [preauth]
Jul 27 00:02:23 ip-172-31-46-92 sshd[1821]: Disconnected from 59.45.175.62 port 43006 [preauth]
Jul 27 00:02:50 ip-172-31-46-92 sshd[1823]: Received disconnect from 59.45.175.88 port 43945:11:  [preauth]
Jul 27 00:02:50 ip-172-31-46-92 sshd[1823]: Disconnected from 59.45.175.88 port 43945 [preauth]
Jul 27 00:03:00 ip-172-31-46-92 sshd[1825]: Received disconnect from 59.45.175.62 port 59698:11:  [preauth]
Jul 27 00:03:00 ip-172-31-46-92 sshd[1825]: Disconnected from 59.45.175.62 port 59698 [preauth]
Jul 27 00:03:28 ip-172-31-46-92 sshd[1827]: Received disconnect from 59.45.175.66 port 48360:11:  [preauth]
Jul 27 00:03:28 ip-172-31-46-92 sshd[1827]: Disconnected from 59.45.175.66 port 48360 [preauth]
Jul 27 00:04:10 ip-172-31-46-92 sshd[1829]: Received disconnect from 121.18.238.125 port 56148:11:  [preauth]
Jul 27 00:04:10 ip-172-31-46-92 sshd[1829]: Disconnected from 121.18.238.125 port 56148 [preauth]
Jul 27 00:04:28 ip-172-31-46-92 sshd[1831]: Received disconnect from 59.45.175.86 port 40787:11:  [preauth]
Jul 27 00:04:28 ip-172-31-46-92 sshd[1831]: Disconnected from 59.45.175.86 port 40787 [preauth]
Jul 27 00:05:23 ip-172-31-46-92 sshd[1833]: Received disconnect from 221.194.47.242 port 36328:11:  [preauth]
Jul 27 00:05:23 ip-172-31-46-92 sshd[1833]: Disconnected from 221.194.47.242 port 36328 [preauth]
Jul 27 00:05:24 ip-172-31-46-92 sshd[1835]: Received disconnect from 59.45.175.86 port 53448:11:  [preauth]
Jul 27 00:05:24 ip-172-31-46-92 sshd[1835]: Disconnected from 59.45.175.86 port 53448 [preauth]
Jul 27 00:05:56 ip-172-31-46-92 sshd[1837]: Received disconnect from 221.194.44.212 port 55304:11:  [preauth]
Jul 27 00:05:56 ip-172-31-46-92 sshd[1837]: Disconnected from 221.194.44.212 port 55304 [preauth]
Jul 27 00:06:22 ip-172-31-46-92 sshd[1839]: Received disconnect from 59.45.175.62 port 52298:11:  [preauth]
Jul 27 00:06:22 ip-172-31-46-92 sshd[1839]: Disconnected from 59.45.175.62 port 52298 [preauth]
Jul 27 00:06:42 ip-172-31-46-92 sshd[1841]: Received disconnect from 221.194.47.242 port 52989:11:  [preauth]
Jul 27 00:06:42 ip-172-31-46-92 sshd[1841]: Disconnected from 221.194.47.242 port 52989 [preauth]
Jul 27 00:07:35 ip-172-31-46-92 sshd[1843]: Received disconnect from 221.194.47.224 port 48416:11:  [preauth]
Jul 27 00:07:35 ip-172-31-46-92 sshd[1843]: Disconnected from 221.194.47.224 port 48416 [preauth]
Jul 27 00:07:41 ip-172-31-46-92 sshd[1845]: Received disconnect from 221.194.47.236 port 46281:11:  [preauth]
Jul 27 00:07:41 ip-172-31-46-92 sshd[1845]: Disconnected from 221.194.47.236 port 46281 [preauth]
Jul 27 00:07:54 ip-172-31-46-92 sshd[1847]: Received disconnect from 59.45.175.67 port 55860:11:  [preauth]
Jul 27 00:07:54 ip-172-31-46-92 sshd[1847]: Disconnected from 59.45.175.67 port 55860 [preauth]
Jul 27 00:08:16 ip-172-31-46-92 sshd[1849]: Received disconnect from 121.18.238.28 port 52530:11:  [preauth]
Jul 27 00:08:16 ip-172-31-46-92 sshd[1849]: Disconnected from 121.18.238.28 port 52530 [preauth]
Jul 27 00:08:36 ip-172-31-46-92 sshd[1851]: Received disconnect from 42.7.26.55 port 35808:11:  [preauth]
Jul 27 00:08:36 ip-172-31-46-92 sshd[1851]: Disconnected from 42.7.26.55 port 35808 [preauth]
Jul 27 00:08:59 ip-172-31-46-92 sshd[1853]: Received disconnect from 59.45.175.86 port 44104:11:  [preauth]
Jul 27 00:08:59 ip-172-31-46-92 sshd[1853]: Disconnected from 59.45.175.86 port 44104 [preauth]
Jul 27 00:09:23 ip-172-31-46-92 sshd[1855]: Received disconnect from 221.194.44.212 port 55198:11:  [preauth]
Jul 27 00:09:23 ip-172-31-46-92 sshd[1855]: Disconnected from 221.194.44.212 port 55198 [preauth]
Jul 27 00:09:48 ip-172-31-46-92 sshd[1857]: Received disconnect from 59.45.175.67 port 34563:11:  [preauth]
Jul 27 00:09:48 ip-172-31-46-92 sshd[1857]: Disconnected from 59.45.175.67 port 34563 [preauth]
Jul 27 00:09:53 ip-172-31-46-92 sshd[1859]: Received disconnect from 121.18.238.125 port 50024:11:  [preauth]
Jul 27 00:09:53 ip-172-31-46-92 sshd[1859]: Disconnected from 121.18.238.125 port 50024 [preauth]
Jul 27 00:09:59 ip-172-31-46-92 sshd[1861]: Received disconnect from 59.45.175.62 port 47167:11:  [preauth]
Jul 27 00:09:59 ip-172-31-46-92 sshd[1861]: Disconnected from 59.45.175.62 port 47167 [preauth]
Jul 27 00:10:20 ip-172-31-46-92 sshd[1863]: Received disconnect from 221.194.47.236 port 48680:11:  [preauth]
Jul 27 00:10:20 ip-172-31-46-92 sshd[1863]: Disconnected from 221.194.47.236 port 48680 [preauth]
Jul 27 00:10:25 ip-172-31-46-92 sshd[1865]: Received disconnect from 59.45.175.88 port 47669:11:  [preauth]
Jul 27 00:10:25 ip-172-31-46-92 sshd[1865]: Disconnected from 59.45.175.88 port 47669 [preauth]
Jul 27 00:10:39 ip-172-31-46-92 sshd[1867]: Received disconnect from 221.194.47.236 port 41515:11:  [preauth]
Jul 27 00:10:39 ip-172-31-46-92 sshd[1867]: Disconnected from 221.194.47.236 port 41515 [preauth]
Jul 27 00:11:35 ip-172-31-46-92 sshd[1869]: Received disconnect from 59.45.175.66 port 60245:11:  [preauth]
Jul 27 00:11:35 ip-172-31-46-92 sshd[1869]: Disconnected from 59.45.175.66 port 60245 [preauth]
Jul 27 00:12:13 ip-172-31-46-92 sshd[1871]: Received disconnect from 221.194.47.233 port 37040:11:  [preauth]
Jul 27 00:12:13 ip-172-31-46-92 sshd[1871]: Disconnected from 221.194.47.233 port 37040 [preauth]
Jul 27 00:12:27 ip-172-31-46-92 sshd[1873]: Received disconnect from 59.45.175.88 port 59441:11:  [preauth]
Jul 27 00:12:27 ip-172-31-46-92 sshd[1873]: Disconnected from 59.45.175.88 port 59441 [preauth]
Jul 27 00:13:04 ip-172-31-46-92 sshd[1875]: Received disconnect from 221.194.47.242 port 44861:11:  [preauth]
Jul 27 00:13:04 ip-172-31-46-92 sshd[1875]: Disconnected from 221.194.47.242 port 44861 [preauth]
Jul 27 00:13:27 ip-172-31-46-92 sshd[1877]: Received disconnect from 59.45.175.66 port 59296:11:  [preauth]
Jul 27 00:13:27 ip-172-31-46-92 sshd[1877]: Disconnected from 59.45.175.66 port 59296 [preauth]
Jul 27 00:13:31 ip-172-31-46-92 sshd[1879]: Received disconnect from 59.45.175.86 port 40589:11:  [preauth]
Jul 27 00:13:31 ip-172-31-46-92 sshd[1879]: Disconnected from 59.45.175.86 port 40589 [preauth]
Jul 27 00:14:26 ip-172-31-46-92 sshd[1881]: Received disconnect from 221.194.47.224 port 41907:11:  [preauth]
Jul 27 00:14:26 ip-172-31-46-92 sshd[1881]: Disconnected from 221.194.47.224 port 41907 [preauth]
Jul 27 00:15:42 ip-172-31-46-92 sshd[1883]: Received disconnect from 121.18.238.106 port 37473:11:  [preauth]
Jul 27 00:15:42 ip-172-31-46-92 sshd[1883]: Disconnected from 121.18.238.106 port 37473 [preauth]
Jul 27 00:15:52 ip-172-31-46-92 sshd[1887]: Received disconnect from 221.194.47.236 port 37097:11:  [preauth]
Jul 27 00:15:52 ip-172-31-46-92 sshd[1887]: Disconnected from 221.194.47.236 port 37097 [preauth]
Jul 27 00:15:52 ip-172-31-46-92 sshd[1885]: Received disconnect from 59.45.175.86 port 36187:11:  [preauth]
Jul 27 00:15:52 ip-172-31-46-92 sshd[1885]: Disconnected from 59.45.175.86 port 36187 [preauth]
Jul 27 00:16:33 ip-172-31-46-92 sshd[1889]: Received disconnect from 59.45.175.64 port 36396:11:  [preauth]
Jul 27 00:16:33 ip-172-31-46-92 sshd[1889]: Disconnected from 59.45.175.64 port 36396 [preauth]
Jul 27 00:16:41 ip-172-31-46-92 sshd[1891]: Received disconnect from 59.45.175.62 port 47728:11:  [preauth]
Jul 27 00:16:41 ip-172-31-46-92 sshd[1891]: Disconnected from 59.45.175.62 port 47728 [preauth]
Jul 27 00:17:01 ip-172-31-46-92 CRON[1893]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 00:17:01 ip-172-31-46-92 CRON[1893]: pam_unix(cron:session): session closed for user root
Jul 27 00:19:04 ip-172-31-46-92 sshd[1896]: Received disconnect from 221.194.47.236 port 46010:11:  [preauth]
Jul 27 00:19:04 ip-172-31-46-92 sshd[1896]: Disconnected from 221.194.47.236 port 46010 [preauth]
Jul 27 00:19:15 ip-172-31-46-92 sshd[1898]: Received disconnect from 121.18.238.119 port 58902:11:  [preauth]
Jul 27 00:19:15 ip-172-31-46-92 sshd[1898]: Disconnected from 121.18.238.119 port 58902 [preauth]
Jul 27 00:19:27 ip-172-31-46-92 sshd[1900]: Received disconnect from 59.45.175.66 port 43770:11:  [preauth]
Jul 27 00:19:27 ip-172-31-46-92 sshd[1900]: Disconnected from 59.45.175.66 port 43770 [preauth]
Jul 27 00:20:43 ip-172-31-46-92 sshd[1902]: Received disconnect from 221.194.47.224 port 53092:11:  [preauth]
Jul 27 00:20:43 ip-172-31-46-92 sshd[1902]: Disconnected from 221.194.47.224 port 53092 [preauth]
Jul 27 00:21:15 ip-172-31-46-92 sshd[1904]: Received disconnect from 221.194.47.242 port 42844:11:  [preauth]
Jul 27 00:21:15 ip-172-31-46-92 sshd[1904]: Disconnected from 221.194.47.242 port 42844 [preauth]
Jul 27 00:21:31 ip-172-31-46-92 sshd[1918]: Received disconnect from 121.18.238.125 port 37203:11:  [preauth]
Jul 27 00:21:31 ip-172-31-46-92 sshd[1918]: Disconnected from 121.18.238.125 port 37203 [preauth]
Jul 27 00:22:29 ip-172-31-46-92 sshd[1920]: Received disconnect from 59.45.175.66 port 38585:11:  [preauth]
Jul 27 00:22:29 ip-172-31-46-92 sshd[1920]: Disconnected from 59.45.175.66 port 38585 [preauth]
Jul 27 00:22:50 ip-172-31-46-92 sshd[1922]: Received disconnect from 121.18.238.28 port 47376:11:  [preauth]
Jul 27 00:22:50 ip-172-31-46-92 sshd[1922]: Disconnected from 121.18.238.28 port 47376 [preauth]
Jul 27 00:23:37 ip-172-31-46-92 sshd[1924]: Received disconnect from 121.18.238.106 port 48595:11:  [preauth]
Jul 27 00:23:37 ip-172-31-46-92 sshd[1924]: Disconnected from 121.18.238.106 port 48595 [preauth]
Jul 27 00:24:18 ip-172-31-46-92 sshd[1926]: Received disconnect from 59.45.175.66 port 48164:11:  [preauth]
Jul 27 00:24:18 ip-172-31-46-92 sshd[1926]: Disconnected from 59.45.175.66 port 48164 [preauth]
Jul 27 00:24:20 ip-172-31-46-92 sshd[1928]: Received disconnect from 221.194.47.242 port 43316:11:  [preauth]
Jul 27 00:24:20 ip-172-31-46-92 sshd[1928]: Disconnected from 221.194.47.242 port 43316 [preauth]
Jul 27 00:24:54 ip-172-31-46-92 sshd[1930]: Received disconnect from 42.7.26.55 port 56504:11:  [preauth]
Jul 27 00:24:54 ip-172-31-46-92 sshd[1930]: Disconnected from 42.7.26.55 port 56504 [preauth]
Jul 27 00:25:49 ip-172-31-46-92 sshd[1932]: Received disconnect from 42.7.26.55 port 45676:11:  [preauth]
Jul 27 00:25:49 ip-172-31-46-92 sshd[1932]: Disconnected from 42.7.26.55 port 45676 [preauth]
Jul 27 00:26:28 ip-172-31-46-92 sshd[1934]: Received disconnect from 42.7.26.55 port 41968:11:  [preauth]
Jul 27 00:26:28 ip-172-31-46-92 sshd[1934]: Disconnected from 42.7.26.55 port 41968 [preauth]
Jul 27 00:27:04 ip-172-31-46-92 sshd[1936]: Received disconnect from 59.45.175.67 port 54129:11:  [preauth]
Jul 27 00:27:04 ip-172-31-46-92 sshd[1936]: Disconnected from 59.45.175.67 port 54129 [preauth]
Jul 27 00:27:35 ip-172-31-46-92 sshd[1938]: Received disconnect from 42.7.26.55 port 37320:11:  [preauth]
Jul 27 00:27:35 ip-172-31-46-92 sshd[1938]: Disconnected from 42.7.26.55 port 37320 [preauth]
Jul 27 00:27:52 ip-172-31-46-92 sshd[1940]: Received disconnect from 221.194.47.242 port 58276:11:  [preauth]
Jul 27 00:27:52 ip-172-31-46-92 sshd[1940]: Disconnected from 221.194.47.242 port 58276 [preauth]
Jul 27 00:28:05 ip-172-31-46-92 sshd[1942]: Received disconnect from 221.194.47.224 port 43258:11:  [preauth]
Jul 27 00:28:05 ip-172-31-46-92 sshd[1942]: Disconnected from 221.194.47.224 port 43258 [preauth]
Jul 27 00:30:45 ip-172-31-46-92 sshd[1944]: Received disconnect from 121.18.238.125 port 58281:11:  [preauth]
Jul 27 00:30:45 ip-172-31-46-92 sshd[1944]: Disconnected from 121.18.238.125 port 58281 [preauth]
Jul 27 00:32:15 ip-172-31-46-92 sshd[1946]: Received disconnect from 221.194.47.233 port 32773:11:  [preauth]
Jul 27 00:32:15 ip-172-31-46-92 sshd[1946]: Disconnected from 221.194.47.233 port 32773 [preauth]
Jul 27 00:32:27 ip-172-31-46-92 sshd[1948]: Received disconnect from 121.18.238.106 port 35667:11:  [preauth]
Jul 27 00:32:27 ip-172-31-46-92 sshd[1948]: Disconnected from 121.18.238.106 port 35667 [preauth]
Jul 27 00:33:09 ip-172-31-46-92 sshd[1950]: Received disconnect from 221.194.47.224 port 46528:11:  [preauth]
Jul 27 00:33:09 ip-172-31-46-92 sshd[1950]: Disconnected from 221.194.47.224 port 46528 [preauth]
Jul 27 00:37:27 ip-172-31-46-92 sshd[1952]: Received disconnect from 221.194.47.224 port 48318:11:  [preauth]
Jul 27 00:37:27 ip-172-31-46-92 sshd[1952]: Disconnected from 221.194.47.224 port 48318 [preauth]
Jul 27 00:37:52 ip-172-31-46-92 sshd[1954]: Received disconnect from 121.18.238.119 port 57778:11:  [preauth]
Jul 27 00:37:52 ip-172-31-46-92 sshd[1954]: Disconnected from 121.18.238.119 port 57778 [preauth]
Jul 27 00:38:13 ip-172-31-46-92 sshd[1956]: Received disconnect from 202.137.147.102 port 36471:11: Bye Bye [preauth]
Jul 27 00:38:13 ip-172-31-46-92 sshd[1956]: Disconnected from 202.137.147.102 port 36471 [preauth]
Jul 27 00:39:02 ip-172-31-46-92 sshd[1958]: Received disconnect from 121.18.238.125 port 42865:11:  [preauth]
Jul 27 00:39:02 ip-172-31-46-92 sshd[1958]: Disconnected from 121.18.238.125 port 42865 [preauth]
Jul 27 00:40:31 ip-172-31-46-92 sshd[1960]: Received disconnect from 221.194.47.224 port 59176:11:  [preauth]
Jul 27 00:40:31 ip-172-31-46-92 sshd[1960]: Disconnected from 221.194.47.224 port 59176 [preauth]
Jul 27 00:41:07 ip-172-31-46-92 sshd[1962]: Received disconnect from 121.18.238.125 port 53773:11:  [preauth]
Jul 27 00:41:07 ip-172-31-46-92 sshd[1962]: Disconnected from 121.18.238.125 port 53773 [preauth]
Jul 27 00:43:29 ip-172-31-46-92 sshd[1964]: Received disconnect from 59.45.175.67 port 48297:11:  [preauth]
Jul 27 00:43:29 ip-172-31-46-92 sshd[1964]: Disconnected from 59.45.175.67 port 48297 [preauth]
Jul 27 00:44:26 ip-172-31-46-92 sshd[1966]: Received disconnect from 221.194.47.224 port 39780:11:  [preauth]
Jul 27 00:44:26 ip-172-31-46-92 sshd[1966]: Disconnected from 221.194.47.224 port 39780 [preauth]
Jul 27 00:46:32 ip-172-31-46-92 sshd[1968]: Received disconnect from 121.18.238.123 port 39679:11:  [preauth]
Jul 27 00:46:32 ip-172-31-46-92 sshd[1968]: Disconnected from 121.18.238.123 port 39679 [preauth]
Jul 27 00:48:56 ip-172-31-46-92 sshd[1970]: Received disconnect from 221.194.47.224 port 33593:11:  [preauth]
Jul 27 00:48:56 ip-172-31-46-92 sshd[1970]: Disconnected from 221.194.47.224 port 33593 [preauth]
Jul 27 00:49:25 ip-172-31-46-92 sshd[1972]: Received disconnect from 221.194.47.233 port 59771:11:  [preauth]
Jul 27 00:49:25 ip-172-31-46-92 sshd[1972]: Disconnected from 221.194.47.233 port 59771 [preauth]
Jul 27 00:50:28 ip-172-31-46-92 sshd[1974]: Received disconnect from 121.18.238.125 port 42639:11:  [preauth]
Jul 27 00:50:28 ip-172-31-46-92 sshd[1974]: Disconnected from 121.18.238.125 port 42639 [preauth]
Jul 27 00:50:30 ip-172-31-46-92 sshd[1976]: Received disconnect from 221.194.47.233 port 58349:11:  [preauth]
Jul 27 00:50:30 ip-172-31-46-92 sshd[1976]: Disconnected from 221.194.47.233 port 58349 [preauth]
Jul 27 00:52:11 ip-172-31-46-92 sshd[1990]: Received disconnect from 121.18.238.106 port 57413:11:  [preauth]
Jul 27 00:52:11 ip-172-31-46-92 sshd[1990]: Disconnected from 121.18.238.106 port 57413 [preauth]
Jul 27 00:52:40 ip-172-31-46-92 sshd[1992]: Received disconnect from 221.194.47.233 port 43079:11:  [preauth]
Jul 27 00:52:40 ip-172-31-46-92 sshd[1992]: Disconnected from 221.194.47.233 port 43079 [preauth]
Jul 27 00:53:10 ip-172-31-46-92 sshd[1994]: Received disconnect from 221.194.47.224 port 41043:11:  [preauth]
Jul 27 00:53:10 ip-172-31-46-92 sshd[1994]: Disconnected from 221.194.47.224 port 41043 [preauth]
Jul 27 00:53:33 ip-172-31-46-92 sshd[1996]: Received disconnect from 121.18.238.106 port 42790:11:  [preauth]
Jul 27 00:53:33 ip-172-31-46-92 sshd[1996]: Disconnected from 121.18.238.106 port 42790 [preauth]
Jul 27 00:54:15 ip-172-31-46-92 sshd[1998]: Received disconnect from 121.18.238.119 port 51122:11:  [preauth]
Jul 27 00:54:15 ip-172-31-46-92 sshd[1998]: Disconnected from 121.18.238.119 port 51122 [preauth]
Jul 27 00:57:08 ip-172-31-46-92 sshd[2000]: Received disconnect from 221.194.47.224 port 44918:11:  [preauth]
Jul 27 00:57:08 ip-172-31-46-92 sshd[2000]: Disconnected from 221.194.47.224 port 44918 [preauth]
Jul 27 01:17:01 ip-172-31-46-92 CRON[2002]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 01:17:01 ip-172-31-46-92 CRON[2002]: pam_unix(cron:session): session closed for user root
Jul 27 01:22:57 ip-172-31-46-92 sshd[2017]: Received disconnect from 59.45.175.66 port 35489:11:  [preauth]
Jul 27 01:22:57 ip-172-31-46-92 sshd[2017]: Disconnected from 59.45.175.66 port 35489 [preauth]
Jul 27 01:25:41 ip-172-31-46-92 sshd[2019]: Connection closed by 139.162.122.110 port 45896 [preauth]
Jul 27 01:25:42 ip-172-31-46-92 sshd[2021]: Invalid user  from 139.162.122.110
Jul 27 01:25:42 ip-172-31-46-92 sshd[2021]: input_userauth_request: invalid user  [preauth]
Jul 27 01:25:42 ip-172-31-46-92 sshd[2021]: Connection closed by 139.162.122.110 port 46086 [preauth]
Jul 27 01:27:49 ip-172-31-46-92 sshd[2023]: Received disconnect from 221.194.44.212 port 37019:11:  [preauth]
Jul 27 01:27:49 ip-172-31-46-92 sshd[2023]: Disconnected from 221.194.44.212 port 37019 [preauth]
Jul 27 01:33:01 ip-172-31-46-92 sshd[2025]: Invalid user 0 from 91.197.232.109
Jul 27 01:33:01 ip-172-31-46-92 sshd[2025]: input_userauth_request: invalid user 0 [preauth]
Jul 27 01:33:01 ip-172-31-46-92 sshd[2025]: Connection closed by 91.197.232.109 port 36503 [preauth]
Jul 27 01:33:15 ip-172-31-46-92 sshd[2027]: Invalid user 0000 from 91.197.232.109
Jul 27 01:33:15 ip-172-31-46-92 sshd[2027]: input_userauth_request: invalid user 0000 [preauth]
Jul 27 01:33:15 ip-172-31-46-92 sshd[2027]: Connection closed by 91.197.232.109 port 39206 [preauth]
Jul 27 01:33:22 ip-172-31-46-92 sshd[2029]: Invalid user 010101 from 91.197.232.109
Jul 27 01:33:22 ip-172-31-46-92 sshd[2029]: input_userauth_request: invalid user 010101 [preauth]
Jul 27 01:33:22 ip-172-31-46-92 sshd[2029]: Connection closed by 91.197.232.109 port 37143 [preauth]
Jul 27 01:33:30 ip-172-31-46-92 sshd[2031]: Invalid user 1111 from 91.197.232.109
Jul 27 01:33:30 ip-172-31-46-92 sshd[2031]: input_userauth_request: invalid user 1111 [preauth]
Jul 27 01:33:30 ip-172-31-46-92 sshd[2031]: Connection closed by 91.197.232.109 port 53791 [preauth]
Jul 27 01:33:41 ip-172-31-46-92 sshd[2033]: Connection closed by 91.197.232.109 port 56311 [preauth]
Jul 27 01:33:50 ip-172-31-46-92 sshd[2035]: Invalid user 1234 from 91.197.232.109
Jul 27 01:33:50 ip-172-31-46-92 sshd[2035]: input_userauth_request: invalid user 1234 [preauth]
Jul 27 01:33:50 ip-172-31-46-92 sshd[2035]: Connection closed by 91.197.232.109 port 42369 [preauth]
Jul 27 01:33:53 ip-172-31-46-92 sshd[2037]: Invalid user admin from 91.197.232.109
Jul 27 01:33:53 ip-172-31-46-92 sshd[2037]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:33:54 ip-172-31-46-92 sshd[2037]: Connection closed by 91.197.232.109 port 45440 [preauth]
Jul 27 01:34:01 ip-172-31-46-92 sshd[2039]: Invalid user admin from 91.197.232.109
Jul 27 01:34:01 ip-172-31-46-92 sshd[2039]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:34:03 ip-172-31-46-92 sshd[2039]: Connection closed by 91.197.232.109 port 58420 [preauth]
Jul 27 01:34:10 ip-172-31-46-92 sshd[2041]: Invalid user admin from 91.197.232.109
Jul 27 01:34:10 ip-172-31-46-92 sshd[2041]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:34:11 ip-172-31-46-92 sshd[2041]: Connection closed by 91.197.232.109 port 37623 [preauth]
Jul 27 01:34:21 ip-172-31-46-92 sshd[2043]: Invalid user admin from 91.197.232.109
Jul 27 01:34:21 ip-172-31-46-92 sshd[2043]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:34:22 ip-172-31-46-92 sshd[2043]: Connection closed by 91.197.232.109 port 58973 [preauth]
Jul 27 01:34:22 ip-172-31-46-92 sshd[2045]: Invalid user admin from 91.197.232.109
Jul 27 01:34:22 ip-172-31-46-92 sshd[2045]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:34:22 ip-172-31-46-92 sshd[2045]: Connection closed by 91.197.232.109 port 39949 [preauth]
Jul 27 01:34:23 ip-172-31-46-92 sshd[2047]: Invalid user admin from 91.197.232.109
Jul 27 01:34:23 ip-172-31-46-92 sshd[2047]: input_userauth_request: invalid user admin [preauth]
Jul 27 01:34:23 ip-172-31-46-92 sshd[2047]: Connection closed by 91.197.232.109 port 42832 [preauth]
Jul 27 01:34:24 ip-172-31-46-92 sshd[2049]: Invalid user api from 91.197.232.109
Jul 27 01:34:24 ip-172-31-46-92 sshd[2049]: input_userauth_request: invalid user api [preauth]
Jul 27 01:34:25 ip-172-31-46-92 sshd[2049]: Connection closed by 91.197.232.109 port 45022 [preauth]
Jul 27 01:34:45 ip-172-31-46-92 sshd[2051]: Invalid user dbadmin from 91.197.232.109
Jul 27 01:34:45 ip-172-31-46-92 sshd[2051]: input_userauth_request: invalid user dbadmin [preauth]
Jul 27 01:34:45 ip-172-31-46-92 sshd[2051]: Connection closed by 91.197.232.109 port 49284 [preauth]
Jul 27 01:34:52 ip-172-31-46-92 sshd[2053]: Invalid user default from 91.197.232.109
Jul 27 01:34:52 ip-172-31-46-92 sshd[2053]: input_userauth_request: invalid user default [preauth]
Jul 27 01:34:52 ip-172-31-46-92 sshd[2053]: Connection closed by 91.197.232.109 port 45188 [preauth]
Jul 27 01:35:06 ip-172-31-46-92 sshd[2055]: Invalid user default from 91.197.232.109
Jul 27 01:35:06 ip-172-31-46-92 sshd[2055]: input_userauth_request: invalid user default [preauth]
Jul 27 01:35:06 ip-172-31-46-92 sshd[2055]: Connection closed by 91.197.232.109 port 58413 [preauth]
Jul 27 01:35:16 ip-172-31-46-92 sshd[2057]: Invalid user ftp from 91.197.232.109
Jul 27 01:35:16 ip-172-31-46-92 sshd[2057]: input_userauth_request: invalid user ftp [preauth]
Jul 27 01:35:16 ip-172-31-46-92 sshd[2057]: Connection closed by 91.197.232.109 port 42734 [preauth]
Jul 27 01:35:36 ip-172-31-46-92 sshd[2059]: Invalid user ftpuser from 91.197.232.109
Jul 27 01:35:36 ip-172-31-46-92 sshd[2059]: input_userauth_request: invalid user ftpuser [preauth]
Jul 27 01:35:36 ip-172-31-46-92 sshd[2059]: Connection closed by 91.197.232.109 port 42035 [preauth]
Jul 27 01:35:48 ip-172-31-46-92 sshd[2061]: Invalid user git from 91.197.232.109
Jul 27 01:35:48 ip-172-31-46-92 sshd[2061]: input_userauth_request: invalid user git [preauth]
Jul 27 01:35:48 ip-172-31-46-92 sshd[2061]: Connection closed by 91.197.232.109 port 51490 [preauth]
Jul 27 01:35:58 ip-172-31-46-92 sshd[2063]: Connection closed by 91.197.232.109 port 53336 [preauth]
Jul 27 01:36:03 ip-172-31-46-92 sshd[2065]: Invalid user gpadmin from 91.197.232.109
Jul 27 01:36:03 ip-172-31-46-92 sshd[2065]: input_userauth_request: invalid user gpadmin [preauth]
Jul 27 01:36:03 ip-172-31-46-92 sshd[2065]: Connection closed by 91.197.232.109 port 58181 [preauth]
Jul 27 01:36:12 ip-172-31-46-92 sshd[2067]: Invalid user guest from 91.197.232.109
Jul 27 01:36:12 ip-172-31-46-92 sshd[2067]: input_userauth_request: invalid user guest [preauth]
Jul 27 01:36:13 ip-172-31-46-92 sshd[2067]: Connection closed by 91.197.232.109 port 45428 [preauth]
Jul 27 01:36:27 ip-172-31-46-92 sshd[2069]: Invalid user monitor from 91.197.232.109
Jul 27 01:36:27 ip-172-31-46-92 sshd[2069]: input_userauth_request: invalid user monitor [preauth]
Jul 27 01:36:28 ip-172-31-46-92 sshd[2069]: Connection closed by 91.197.232.109 port 56056 [preauth]
Jul 27 01:36:52 ip-172-31-46-92 sshd[2071]: Invalid user mysql from 91.197.232.109
Jul 27 01:36:52 ip-172-31-46-92 sshd[2071]: input_userauth_request: invalid user mysql [preauth]
Jul 27 01:36:52 ip-172-31-46-92 sshd[2071]: Connection closed by 91.197.232.109 port 45977 [preauth]
Jul 27 01:36:54 ip-172-31-46-92 sshd[2073]: Invalid user mysql from 91.197.232.109
Jul 27 01:36:54 ip-172-31-46-92 sshd[2073]: input_userauth_request: invalid user mysql [preauth]
Jul 27 01:36:54 ip-172-31-46-92 sshd[2073]: Connection closed by 91.197.232.109 port 37560 [preauth]
Jul 27 01:37:05 ip-172-31-46-92 sshd[2075]: Invalid user operator from 91.197.232.109
Jul 27 01:37:05 ip-172-31-46-92 sshd[2075]: input_userauth_request: invalid user operator [preauth]
Jul 27 01:37:06 ip-172-31-46-92 sshd[2075]: Connection closed by 91.197.232.109 port 41326 [preauth]
Jul 27 01:37:21 ip-172-31-46-92 sshd[2077]: Invalid user osmc from 91.197.232.109
Jul 27 01:37:21 ip-172-31-46-92 sshd[2077]: input_userauth_request: invalid user osmc [preauth]
Jul 27 01:37:21 ip-172-31-46-92 sshd[2077]: Connection closed by 91.197.232.109 port 53797 [preauth]
Jul 27 01:37:34 ip-172-31-46-92 sshd[2079]: Invalid user pi from 91.197.232.109
Jul 27 01:37:34 ip-172-31-46-92 sshd[2079]: input_userauth_request: invalid user pi [preauth]
Jul 27 01:37:40 ip-172-31-46-92 sshd[2079]: Connection closed by 91.197.232.109 port 59105 [preauth]
Jul 27 01:37:50 ip-172-31-46-92 sshd[2081]: Connection closed by 91.197.232.109 port 48848 [preauth]
Jul 27 01:38:19 ip-172-31-46-92 sshd[2083]: Connection closed by 91.197.232.109 port 33851 [preauth]
Jul 27 01:38:50 ip-172-31-46-92 sshd[2085]: Connection closed by 91.197.232.109 port 34036 [preauth]
Jul 27 01:39:10 ip-172-31-46-92 sshd[2089]: Received disconnect from 221.194.47.233 port 60863:11:  [preauth]
Jul 27 01:39:10 ip-172-31-46-92 sshd[2089]: Disconnected from 221.194.47.233 port 60863 [preauth]
Jul 27 01:39:21 ip-172-31-46-92 sshd[2087]: Invalid user service from 91.197.232.109
Jul 27 01:39:21 ip-172-31-46-92 sshd[2087]: input_userauth_request: invalid user service [preauth]
Jul 27 01:39:22 ip-172-31-46-92 sshd[2087]: Connection closed by 91.197.232.109 port 53407 [preauth]
Jul 27 01:39:45 ip-172-31-46-92 sshd[2091]: Connection closed by 91.197.232.109 port 38317 [preauth]
Jul 27 01:39:54 ip-172-31-46-92 sshd[2093]: Invalid user support from 91.197.232.109
Jul 27 01:39:54 ip-172-31-46-92 sshd[2093]: input_userauth_request: invalid user support [preauth]
Jul 27 01:39:55 ip-172-31-46-92 sshd[2093]: Connection closed by 91.197.232.109 port 46650 [preauth]
Jul 27 01:40:00 ip-172-31-46-92 sshd[2097]: Received disconnect from 121.18.238.28 port 42145:11:  [preauth]
Jul 27 01:40:00 ip-172-31-46-92 sshd[2097]: Disconnected from 121.18.238.28 port 42145 [preauth]
Jul 27 01:40:07 ip-172-31-46-92 sshd[2095]: Invalid user sysadmin from 91.197.232.109
Jul 27 01:40:07 ip-172-31-46-92 sshd[2095]: input_userauth_request: invalid user sysadmin [preauth]
Jul 27 01:40:07 ip-172-31-46-92 sshd[2095]: Connection closed by 91.197.232.109 port 57613 [preauth]
Jul 27 01:40:18 ip-172-31-46-92 sshd[2099]: Invalid user telecomadmin from 91.197.232.109
Jul 27 01:40:18 ip-172-31-46-92 sshd[2099]: input_userauth_request: invalid user telecomadmin [preauth]
Jul 27 01:40:18 ip-172-31-46-92 sshd[2099]: Connection closed by 91.197.232.109 port 52363 [preauth]
Jul 27 01:40:30 ip-172-31-46-92 sshd[2101]: Invalid user telnet from 91.197.232.109
Jul 27 01:40:30 ip-172-31-46-92 sshd[2101]: input_userauth_request: invalid user telnet [preauth]
Jul 27 01:40:51 ip-172-31-46-92 sshd[2101]: Connection closed by 91.197.232.109 port 59381 [preauth]
Jul 27 01:41:17 ip-172-31-46-92 sshd[2103]: Invalid user test from 91.197.232.109
Jul 27 01:41:17 ip-172-31-46-92 sshd[2103]: input_userauth_request: invalid user test [preauth]
Jul 27 01:41:18 ip-172-31-46-92 sshd[2103]: Connection closed by 91.197.232.109 port 47612 [preauth]
Jul 27 01:41:44 ip-172-31-46-92 sshd[2105]: Connection closed by 91.197.232.109 port 44021 [preauth]
Jul 27 01:42:21 ip-172-31-46-92 sshd[2107]: Invalid user ubnt from 91.197.232.109
Jul 27 01:42:21 ip-172-31-46-92 sshd[2107]: input_userauth_request: invalid user ubnt [preauth]
Jul 27 01:42:29 ip-172-31-46-92 sshd[2107]: Connection closed by 91.197.232.109 port 48047 [preauth]
Jul 27 01:42:38 ip-172-31-46-92 sshd[2109]: Invalid user user from 91.197.232.109
Jul 27 01:42:38 ip-172-31-46-92 sshd[2109]: input_userauth_request: invalid user user [preauth]
Jul 27 01:42:38 ip-172-31-46-92 sshd[2109]: Connection closed by 91.197.232.109 port 60938 [preauth]
Jul 27 01:42:55 ip-172-31-46-92 sshd[2111]: Invalid user user1 from 91.197.232.109
Jul 27 01:42:55 ip-172-31-46-92 sshd[2111]: input_userauth_request: invalid user user1 [preauth]
Jul 27 01:42:55 ip-172-31-46-92 sshd[2111]: Connection closed by 91.197.232.109 port 50620 [preauth]
Jul 27 01:43:02 ip-172-31-46-92 sshd[2113]: Connection closed by 91.197.232.109 port 54552 [preauth]
Jul 27 01:55:18 ip-172-31-46-92 sshd[2127]: Received disconnect from 121.18.238.123 port 56195:11:  [preauth]
Jul 27 01:55:18 ip-172-31-46-92 sshd[2127]: Disconnected from 121.18.238.123 port 56195 [preauth]
Jul 27 01:56:29 ip-172-31-46-92 sshd[2129]: Received disconnect from 59.45.175.64 port 33167:11:  [preauth]
Jul 27 01:56:29 ip-172-31-46-92 sshd[2129]: Disconnected from 59.45.175.64 port 33167 [preauth]
Jul 27 02:17:01 ip-172-31-46-92 CRON[2143]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 02:17:01 ip-172-31-46-92 CRON[2143]: pam_unix(cron:session): session closed for user root
Jul 27 02:47:19 ip-172-31-46-92 sshd[2158]: Received disconnect from 59.45.175.86 port 51273:11:  [preauth]
Jul 27 02:47:19 ip-172-31-46-92 sshd[2158]: Disconnected from 59.45.175.86 port 51273 [preauth]
Jul 27 03:03:54 ip-172-31-46-92 sshd[2160]: Received disconnect from 221.194.47.233 port 45178:11:  [preauth]
Jul 27 03:03:54 ip-172-31-46-92 sshd[2160]: Disconnected from 221.194.47.233 port 45178 [preauth]
Jul 27 03:13:06 ip-172-31-46-92 sshd[2174]: Received disconnect from 59.45.175.62 port 45244:11:  [preauth]
Jul 27 03:13:06 ip-172-31-46-92 sshd[2174]: Disconnected from 59.45.175.62 port 45244 [preauth]
Jul 27 03:15:52 ip-172-31-46-92 sshd[2176]: Received disconnect from 121.18.238.125 port 39917:11:  [preauth]
Jul 27 03:15:52 ip-172-31-46-92 sshd[2176]: Disconnected from 121.18.238.125 port 39917 [preauth]
Jul 27 03:17:01 ip-172-31-46-92 CRON[2178]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 03:17:01 ip-172-31-46-92 CRON[2178]: pam_unix(cron:session): session closed for user root
Jul 27 03:23:07 ip-172-31-46-92 sshd[2181]: Received disconnect from 221.194.47.242 port 47004:11:  [preauth]
Jul 27 03:23:07 ip-172-31-46-92 sshd[2181]: Disconnected from 221.194.47.242 port 47004 [preauth]
Jul 27 03:48:14 ip-172-31-46-92 sshd[2195]: Received disconnect from 59.45.175.64 port 55880:11:  [preauth]
Jul 27 03:48:14 ip-172-31-46-92 sshd[2195]: Disconnected from 59.45.175.64 port 55880 [preauth]
Jul 27 04:00:27 ip-172-31-46-92 sshd[2197]: Received disconnect from 221.194.44.212 port 51987:11:  [preauth]
Jul 27 04:00:27 ip-172-31-46-92 sshd[2197]: Disconnected from 221.194.44.212 port 51987 [preauth]
Jul 27 04:17:01 ip-172-31-46-92 CRON[2211]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 04:17:01 ip-172-31-46-92 CRON[2211]: pam_unix(cron:session): session closed for user root
Jul 27 04:29:10 ip-172-31-46-92 sshd[2214]: Received disconnect from 121.18.238.119 port 36569:11:  [preauth]
Jul 27 04:29:10 ip-172-31-46-92 sshd[2214]: Disconnected from 121.18.238.119 port 36569 [preauth]
Jul 27 04:35:21 ip-172-31-46-92 sshd[2228]: Received disconnect from 121.18.238.106 port 38067:11:  [preauth]
Jul 27 04:35:21 ip-172-31-46-92 sshd[2228]: Disconnected from 121.18.238.106 port 38067 [preauth]
Jul 27 04:41:45 ip-172-31-46-92 sshd[2230]: Received disconnect from 221.194.47.236 port 57096:11:  [preauth]
Jul 27 04:41:45 ip-172-31-46-92 sshd[2230]: Disconnected from 221.194.47.236 port 57096 [preauth]
Jul 27 04:42:42 ip-172-31-46-92 sshd[2232]: Received disconnect from 59.45.175.62 port 51943:11:  [preauth]
Jul 27 04:42:42 ip-172-31-46-92 sshd[2232]: Disconnected from 59.45.175.62 port 51943 [preauth]
Jul 27 05:17:01 ip-172-31-46-92 CRON[2246]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 05:17:01 ip-172-31-46-92 CRON[2246]: pam_unix(cron:session): session closed for user root
Jul 27 06:12:22 ip-172-31-46-92 sshd[2273]: Invalid user admin from 96.28.81.66
Jul 27 06:12:22 ip-172-31-46-92 sshd[2273]: input_userauth_request: invalid user admin [preauth]
Jul 27 06:12:23 ip-172-31-46-92 sshd[2273]: error: maximum authentication attempts exceeded for invalid user admin from 96.28.81.66 port 47533 ssh2 [preauth]
Jul 27 06:12:23 ip-172-31-46-92 sshd[2273]: Disconnecting: Too many authentication failures [preauth]
Jul 27 06:17:01 ip-172-31-46-92 CRON[2287]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 06:17:01 ip-172-31-46-92 CRON[2287]: pam_unix(cron:session): session closed for user root
Jul 27 06:17:39 ip-172-31-46-92 sshd[2290]: Invalid user ubnt from 183.17.227.107
Jul 27 06:17:39 ip-172-31-46-92 sshd[2290]: input_userauth_request: invalid user ubnt [preauth]
Jul 27 06:17:41 ip-172-31-46-92 sshd[2290]: error: maximum authentication attempts exceeded for invalid user ubnt from 183.17.227.107 port 46576 ssh2 [preauth]
Jul 27 06:17:41 ip-172-31-46-92 sshd[2290]: Disconnecting: Too many authentication failures [preauth]
Jul 27 06:25:01 ip-172-31-46-92 CRON[2292]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 06:25:10 ip-172-31-46-92 CRON[2292]: pam_unix(cron:session): session closed for user root
Jul 27 06:38:07 ip-172-31-46-92 sshd[2398]: Received disconnect from 163.172.204.244 port 47598:11: Bye Bye [preauth]
Jul 27 06:38:07 ip-172-31-46-92 sshd[2398]: Disconnected from 163.172.204.244 port 47598 [preauth]
Jul 27 07:17:01 ip-172-31-46-92 CRON[2424]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 07:17:01 ip-172-31-46-92 CRON[2424]: pam_unix(cron:session): session closed for user root
Jul 27 07:40:24 ip-172-31-46-92 sshd[2439]: Connection closed by 157.25.72.188 port 53426 [preauth]
Jul 27 07:54:24 ip-172-31-46-92 sshd[2441]: Did not receive identification string from 196.52.43.51
Jul 27 08:17:01 ip-172-31-46-92 CRON[2454]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 08:17:01 ip-172-31-46-92 CRON[2454]: pam_unix(cron:session): session closed for user root
Jul 27 08:32:44 ip-172-31-46-92 sshd[2469]: Connection closed by 103.78.132.3 port 40912 [preauth]
Jul 27 08:42:33 ip-172-31-46-92 sshd[2471]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 27 08:42:33 ip-172-31-46-92 sshd[2471]: Accepted publickey for ubuntu from 195.212.29.178 port 44032 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 27 08:42:33 ip-172-31-46-92 sshd[2471]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 27 08:42:33 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 27 08:42:33 ip-172-31-46-92 systemd-logind[1074]: New session 20 of user ubuntu.
Jul 27 08:42:40 ip-172-31-46-92 su[2554]: Successful su for tomasz by ubuntu
Jul 27 08:42:40 ip-172-31-46-92 su[2554]: + /dev/pts/0 ubuntu:tomasz
Jul 27 08:42:40 ip-172-31-46-92 su[2554]: pam_unix(su:session): session opened for user tomasz by ubuntu(uid=1000)
Jul 27 08:42:40 ip-172-31-46-92 su[2554]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 27 08:47:36 ip-172-31-46-92 sshd[2471]: pam_unix(sshd:session): session closed for user ubuntu
Jul 27 08:47:36 ip-172-31-46-92 su[2554]: pam_unix(su:session): session closed for user tomasz
Jul 27 08:47:36 ip-172-31-46-92 systemd-logind[1074]: Removed session 20.
Jul 27 08:47:36 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session closed for user ubuntu
Jul 27 08:49:32 ip-172-31-46-92 sshd[2586]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 27 08:49:32 ip-172-31-46-92 sshd[2586]: Accepted publickey for ubuntu from 195.212.29.178 port 44164 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 27 08:49:32 ip-172-31-46-92 sshd[2586]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 27 08:49:32 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 27 08:49:32 ip-172-31-46-92 systemd-logind[1074]: New session 21 of user ubuntu.
Jul 27 08:49:38 ip-172-31-46-92 su[2639]: Successful su for tomasz by ubuntu
Jul 27 08:49:38 ip-172-31-46-92 su[2639]: + /dev/pts/0 ubuntu:tomasz
Jul 27 08:49:38 ip-172-31-46-92 su[2639]: pam_unix(su:session): session opened for user tomasz by ubuntu(uid=1000)
Jul 27 08:49:38 ip-172-31-46-92 su[2639]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 27 08:51:52 ip-172-31-46-92 su[2639]: pam_unix(su:session): session closed for user tomasz
Jul 27 08:51:54 ip-172-31-46-92 sshd[2624]: Received disconnect from 195.212.29.178 port 44164:11: disconnected by user
Jul 27 08:51:54 ip-172-31-46-92 sshd[2624]: Disconnected from 195.212.29.178 port 44164
Jul 27 08:51:54 ip-172-31-46-92 sshd[2586]: pam_unix(sshd:session): session closed for user ubuntu
Jul 27 08:51:54 ip-172-31-46-92 systemd-logind[1074]: Removed session 21.
Jul 27 08:56:20 ip-172-31-46-92 sshd[2698]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 27 08:56:20 ip-172-31-46-92 sshd[2698]: Accepted publickey for ubuntu from 195.212.29.178 port 44536 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 27 08:56:20 ip-172-31-46-92 sshd[2698]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 27 08:56:20 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 27 08:56:20 ip-172-31-46-92 systemd-logind[1074]: New session 22 of user ubuntu.
Jul 27 09:06:53 ip-172-31-46-92 sshd[2698]: pam_unix(sshd:session): session closed for user ubuntu
Jul 27 09:06:53 ip-172-31-46-92 systemd-logind[1074]: Removed session 22.
Jul 27 09:06:53 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session closed for user ubuntu
Jul 27 09:08:13 ip-172-31-46-92 sshd[2771]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 27 09:08:13 ip-172-31-46-92 sshd[2771]: Accepted publickey for ubuntu from 195.212.29.178 port 44768 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 27 09:08:13 ip-172-31-46-92 sshd[2771]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 27 09:08:13 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 27 09:08:13 ip-172-31-46-92 systemd-logind[1074]: New session 23 of user ubuntu.
Jul 27 09:08:17 ip-172-31-46-92 su[2824]: pam_unix(su:auth): authentication failure; logname=ubuntu uid=1000 euid=0 tty=/dev/pts/0 ruser=ubuntu rhost=  user=root
Jul 27 09:08:20 ip-172-31-46-92 su[2824]: pam_authenticate: Authentication failure
Jul 27 09:08:20 ip-172-31-46-92 su[2824]: FAILED su for root by ubuntu
Jul 27 09:08:20 ip-172-31-46-92 su[2824]: - /dev/pts/0 ubuntu:root
Jul 27 09:08:39 ip-172-31-46-92 su[2825]: pam_unix(su:auth): authentication failure; logname=ubuntu uid=1000 euid=0 tty=/dev/pts/0 ruser=ubuntu rhost=  user=root
Jul 27 09:08:41 ip-172-31-46-92 su[2825]: pam_authenticate: Authentication failure
Jul 27 09:08:41 ip-172-31-46-92 su[2825]: FAILED su for root by ubuntu
Jul 27 09:08:41 ip-172-31-46-92 su[2825]: - /dev/pts/0 ubuntu:root
Jul 27 09:12:11 ip-172-31-46-92 sudo:   ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/su
Jul 27 09:12:11 ip-172-31-46-92 sudo: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
Jul 27 09:12:11 ip-172-31-46-92 su[2827]: Successful su for root by root
Jul 27 09:12:11 ip-172-31-46-92 su[2827]: + /dev/pts/0 root:root
Jul 27 09:12:11 ip-172-31-46-92 su[2827]: pam_unix(su:session): session opened for user root by ubuntu(uid=0)
Jul 27 09:12:11 ip-172-31-46-92 su[2827]: pam_systemd(su:session): Cannot create session: Already running in a session
Jul 27 09:12:36 ip-172-31-46-92 su[2827]: pam_unix(su:session): session closed for user root
Jul 27 09:12:36 ip-172-31-46-92 sudo: pam_unix(sudo:session): session closed for user root
Jul 27 09:12:38 ip-172-31-46-92 sshd[2809]: Received disconnect from 195.212.29.178 port 44768:11: disconnected by user
Jul 27 09:12:38 ip-172-31-46-92 sshd[2809]: Disconnected from 195.212.29.178 port 44768
Jul 27 09:12:38 ip-172-31-46-92 sshd[2771]: pam_unix(sshd:session): session closed for user ubuntu
Jul 27 09:12:38 ip-172-31-46-92 systemd-logind[1074]: Removed session 23.
Jul 27 09:17:01 ip-172-31-46-92 CRON[2852]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 27 09:17:01 ip-172-31-46-92 CRON[2852]: pam_unix(cron:session): session closed for user root
Jul 27 09:21:51 ip-172-31-46-92 sshd[2867]: Connection closed by 157.25.72.188 port 54839 [preauth]
Jul 27 09:29:48 ip-172-31-46-92 sshd[2869]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Jul 27 09:29:48 ip-172-31-46-92 sshd[2869]: Accepted publickey for ubuntu from 195.212.29.178 port 45076 ssh2: RSA SHA256:8f0RkWdZil4jBpv/fSX/mM6wlJatBgrUAETXiGUbegg
Jul 27 09:29:48 ip-172-31-46-92 sshd[2869]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Jul 27 09:29:48 ip-172-31-46-92 systemd: pam_unix(systemd-user:session): session opened for user ubuntu by (uid=0)
Jul 27 09:29:48 ip-172-31-46-92 systemd-logind[1074]: New session 25 of user ubuntu.
ubuntu@ip-172-31-46-92:/var/log$