Well,
since the the conclusion of the quoted thread (No SSH access from external net with putty) is that the reporting user has been most likely hacked, I followed the same actions. Formatted system, installed fresh new.
Auditing my previous actions I found out that I most likely opened port 22 and did not secure osmc account with different password. “Most likely” is here because I changed provider, now having completely different ISP, location, hardware and not having the access to original router. I am not having port 22 open anymore, forwarding a different one instead.
Thanks for the advice. I am not posting paste-log /etc/ssh/sshd_config, due to not having that anymore.
1 Like