"Permission denied" on root ssh login - Was my Pi hacked?

Acriax · 8 August 2016 20:14

I haven’t accessed my DietPi through SSH in several weeks as everything has been running smoothly. But now I wanted to make some changes to Samba, and I noticed that I’ve become unable to login through SSH. When it asks me to enter the password, it returns “Permission denied, please try again.”. I also tried the default root password. The same thing happened about a month or two ago, and I corrupted the SD card and had to reinstall when I pulled the plug on the Pi to move it to somewhere where I had a monitor and keyboard, so I’m not to keen on doing that again.

Now my root password is very weak, definitely crackable, in order to be able to type it faster, but I’m not hosting any website or anything, so I didn’t imagine anyone would attempt to hack it. Is that something that regularly happens though? People just probing random IPs and trying dictionary hacks on root passwords just like that? Or is it more likely something else?

johnvick · 9 August 2016 02:31

Is the Pi accessible from outside of your LAN i.e. do you have any ports forwarded to it such as 22 the default SSH port?

If so then being hacked is possible. If not, look for another explanation.

Acriax · 11 August 2016 07:57

Alright thanks. The only port I’ve opened on the router for the Pi is one for bittorrent.

Any ideas what the issue could be otherwise? Could “Permission denied.” when logging in to SSH mean refer to something else than a wrong password?

johnvick · 11 August 2016 10:29

Wrong username?