I have a website server running on this droplet. Specifically Vesta CP, WordPress running on Ubuntu 18.04, which was originally hardened to only accept the following factors: my user, my password, and my key. I don’t know what is going on with it now. It started with refusing to accept my SSH key. I logged in via the console to see what the problem was. My user’s .ssh directory was gone, it now had a single file named ssh in the home folder, there was idrsa.pub in the home folder, and authorizedkeys was in the home folder as well. I tried to reconstruct the directories but to no avail. I even created new keys and used FTP to sync the server up with my pc. I went into ssh_config and checked the settings, tried to change it to a password only and do away with the key authentication. Now it keeps saying the connection was reset by a peer.

I’m completely, utterly lost at this point, and cannot seem to find any documentation in Google that applies to this situation at all. As far as the server being compromised, I haven’t seen any signs that it has been accessed by someone else. Do droplets depreciate over time or something?