hi, i have shared ssh account and someone use it for illegal activity on some site, how to block the site so my member can’t access on it?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi @gregoriusrahadi21
Does the user account have
sudo
access - or is it the userroot
- if that’s the case, then anything could have been installed or changed, meaning your server quite possibly has been compromised. In that case I would probably recommend reinstalling the entire server and manually go thru everything you copy over.If the user only had access to limited parts of the system, then you can remove the public key from
/home/USERNAME/.ssh/authorized_keys
or/root/.ssh/authorized_keys
. If you’re using the same user account and the key, then you first need to generate a new key and then when you login with the new key, then you can remove the previous key. https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users