> Having a compromised key in ~/.ssh/authorized_keys (if that's what it > was) is effectively equivalent to allowing access to that account from > the entire Internet.
Obviously. Which is why I found it. Removed it. Told him to reupload it. He seems to have uploaded a new compromised key. Told him about it. srs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]