UNIX for Dummies Questions & Answers

Hi everyone,

I hope I am posting in the right spot and I really need some help. I am going through a horrible divorce and I am afraid that my husband has compromised . He set up my mac computer and router and for my job set up remote access for me. I caught him cheating on me and I think he has been logging into my computer remotely and accessing my text and emails from my attorney. I did a terminal search and have found the following. I do not know enough about unix to understand and look for footprints of where and if he is accessing but here are some of the stuff I can find. Is this a example of him log gin into my computer??

If you're concerned he's getting into your computer, take it off the internet.

Those lines don't look suspicious to me, honestly.

Have a look at

Code:

cat ~/.ssh/authorized_keys

Wrote on Windows, use tab completion for proper filename.
Unless you added an entry there, it should be empty.
If it isnt, empty it.

If he had set up your machine so you can remotly access it, create a new keyfile.
We'll help on this if required.

Thank you . I will check. The reason I am suspicious is I am missing some Key emails and certain emails mainly the ones to my attorney appear in my sent folder multiple times but he had only received the email 1 time. When I say multiple its is showing 20-30 times and a minute apart. Also I have found some very important flagged emails in my trash. What I copied and paste in the first post is also why I am concern. I kept my maiden name ( kennedy) and my husbands last name is marshall. He is not a user on this computer and nothing on this computer is a Marshall user. I have tried to search the internet to find out what the string line is telling me but I am a bit at a loss. I have also consulted security firms here but most of them only want to close any open holes in my router. I would love a walk thru setting up a new key file. I also wanted to know if Unix leaves any type of footprint when he has remote access my computer.

Seems the main thing you are worried about is that someone is reading your emails on your computer; but you do not mention specifically what email account you are using or how you access email.

If you are worried a relative is reading emails that are sensitive and related to that relative (like in a divorce proceeding), you should set up a separate email account that is unknown to your relative (like a new gmail or yahoo account) and use that new account to communicate with your lawyer.

If you want to be even more safe, do not use your computer at home to communicate with this new email account.

It's not possible for us to know to any degree of certainty if your home computer or your accounts have been compromised; so it is best to assume they have been compromised (since you are in a sensitive situation) and you should not do sensitive work on that computer until such time you are 100% sure your home computer is safe and secure from others.

1. Change your password.
2. Examine/delete your ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2
3. Do 1. and 2. for the administrator(root) user.
4. Watch the network connections with the command

Code:

netstat

Thank you everyone for the help. I am going to change my email address and not use my computer at home for sensitive things until I can get someone over here to reset my network and computer . I never though of a seperate email address and thank you for making that suggestion!