I tried accessing my dietpi after a hardware reset of my NAT device (router) and noticed my password was not working. I was able to reset it just fine by initializing a shell at boot, however because I was running a web server I am wanting to make sure that the SD card was likely just corrupted and that were there no bad actors on my device. Is there a way to track changes made to the password?
I don’t think this will be possible if you don’t have configure any audit functionality already.
Could you send me a link to auditing docs?
Shouldn’t be DietPi special. Simply search for Debian related stuff on the web.