Results 1 to 3 of 3

Thread: su: pam_unix(su-l:session): session opened for user (need advice)

  1. #1
    Join Date
    Jan 2017
    Location
    Nederlands
    Posts
    38

    su: pam_unix(su-l:session): session opened for user (need advice)

    Dear DA community

    Ive reinstalled one of my VPS servers last weekend
    Now evrynight all of my users try to SSH login in 1 minute according to system security log below.
    I read something about a cron job, my other VPS servers wont have this

    Please advice,

    thanks in advance

    *For security reasons i changed my usernames to user1/2/3/4/5

    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:01 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:01 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:01 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:01 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:01 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:01 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:05 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:05 server su: pam_unix(su-l:session): session opened for user user1 by (uid=0)
    May 10 00:11:05 server su: pam_unix(su-l:session): session closed for user user1
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:06 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:06 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:06 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:06 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:06 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:06 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:10 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:10 server su: pam_unix(su-l:session): session opened for user user2 by (uid=0)
    May 10 00:11:10 server su: pam_unix(su-l:session): session closed for user user2
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user2by (uid=0)
    May 10 00:11:11 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:11 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:11 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:11 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:11 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:11 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:14 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:14 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:14 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user3by (uid=0)
    May 10 00:11:16 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user3 by (uid=0)
    May 10 00:11:16 server su: pam_unix(su-l:session): session closed for user user3
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user4 by (uid=0)
    May 10 00:11:16 server su: pam_unix(su-l:session): session closed for user user4
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user4 by (uid=0)
    May 10 00:11:16 server su: pam_unix(su-l:session): session closed for user user4
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user4 by (uid=0)
    May 10 00:11:16 server su: pam_unix(su-l:session): session closed for user user4
    May 10 00:11:16 server su: pam_unix(su-l:session): session opened for user user4 by (uid=0)
    May 10 00:11:20 server su: pam_unix(su-l:session): session closed for user user4
    May 10 00:11:20 server su: pam_unix(su-l:session): session opened for user user4 by (uid=0)
    May 10 00:11:20 server su: pam_unix(su-l:session): session closed for user user4
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user4by (uid=0)
    May 10 00:11:21 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:21 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:21 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:21 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:21 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:21 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:24 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:24 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:25 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:25 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:29 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:29 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:29 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:50 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:50 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:50 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:50 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:50 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:50 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:53 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:53 server su: pam_unix(su-l:session): session opened for user user5 by (uid=0)
    May 10 00:11:53 server su: pam_unix(su-l:session): session closed for user user5
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user admin by (uid=0)
    May 10 00:11:54 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:54 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:54 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:54 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:54 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:54 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:57 server su: pam_unix(su-l:session): session closed for user user6
    May 10 00:11:57 server su: pam_unix(su-l:session): session opened for user user6 by (uid=0)
    May 10 00:11:57 server su: pam_unix(su-l:session): session closed for user user6

  2. #2
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    13,044
    Hello,

    That's notification about su command not trying ssh. That's most likely caused by awstats.


    related: https://www.directadmin.com/features.php?id=1921
    Regards, Alex G.

    - You can hire me on www.poralix.com to work on your server
    - Follow and like @Poralix on Facebook

  3. #3
    Join Date
    Jan 2017
    Location
    Nederlands
    Posts
    38
    Dear zEitEr

    Yes your right, i did enabled awstats for this server, only for testing
    thanks in advance again

    Have a nice day!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •