hi, i have shared ssh account and someone use it for illegal activity on some site, how to block the site so my member can’t access on it?
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi @gregoriusrahadi21
Does the user account have
sudoaccess - or is it the userroot- if that’s the case, then anything could have been installed or changed, meaning your server quite possibly has been compromised. In that case I would probably recommend reinstalling the entire server and manually go thru everything you copy over.If the user only had access to limited parts of the system, then you can remove the public key from
/home/USERNAME/.ssh/authorized_keysor/root/.ssh/authorized_keys. If you’re using the same user account and the key, then you first need to generate a new key and then when you login with the new key, then you can remove the previous key. https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users