I have a website server running on this droplet. Specifically Vesta CP, WordPress running on Ubuntu 18.04, which was originally hardened to only accept the following factors: my user, my password, and my key. I don’t know what is going on with it now. It started with refusing to accept my SSH key. I logged in via the console to see what the problem was. My user’s .ssh directory was gone, it now had a single file named ssh in the home folder, there was id_rsa.pub in the home folder, and authorized_keys was in the home folder as well. I tried to reconstruct the directories but to no avail. I even created new keys and used FTP to sync the server up with my pc. I went into ssh_config and checked the settings, tried to change it to a password only and do away with the key authentication. Now it keeps saying the connection was reset by a peer.
I’m completely, utterly lost at this point, and cannot seem to find any documentation in Google that applies to this situation at all. As far as the server being compromised, I haven’t seen any signs that it has been accessed by someone else. Do droplets depreciate over time or something?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.