On Wed, Apr 3, 2019 at 8:58 PM Cord <openbs...@protonmail.com> wrote: > > Hi, > I have some heavy suspect that my openbsd box was been hacked for the second > time in few weeks. The first time was been some weeks ago, I have got some > suspects and after few checks I have found that someone was been connected to > my vps via ssh on a non-standard port using my ssh key. The connection came > from a tor exit node. There were been 2 connections and up since 5 days. Now > I have some other new suspects because some private email seems knew from > others. Also I have found other open sessions on the web gui of my email > provider, but I am abolutely sure I have done the logout always. > I am using just chrome+unveil and I haven't used any other script or opened > pdf (maybe I have opened 1 or 2 pdf from inside of chrome). I have used > epiphany *only* to open the webmail because chrome crash. My email provider > support html (obviously) but generally photo are not loaded. Ofcourse I have > pf enable and few service. > I also use a vpn and I visit very few web site with chrome.. maybe 20 or 25 > website just to read news. Sometimes I search things about openbsd. > Anyone could help me ? > Cord.
Sounds to me like you're letting someone else mess with your hardware since you mention a VPS. I don't see how you could trust that in the first place. They have complete access to every machine.