It looks like my VPS root password has just been automatically (?) reset via the control panel, and I received a notification via email (I did not request a change).
I don't believe my Aeza billing account was compromised, considering I use two-factor authentication. Is this normal with Aeza?
Virtual machine password has been changed
The password of your virtual machine “....” has been changed successfully. Use the following credentials to manage your service:
Login: root
Password: ...
@Mumbly said:
It looks like my VPS root password has just been automatically (?) reset via the control panel, and I received a notification via email (I did not request a change).
I don't believe my Aeza billing account was compromised, considering I use two-factor authentication. Is this normal with Aeza?
I'm not sure if it's normal, but just chiming in to say that I also received this email.
@Mumbly said:
It looks like my VPS root password has just been automatically (?) reset via the control panel, and I received a notification via email (I did not request a change).
I don't believe my Aeza billing account was compromised, considering I use two-factor authentication. Is this normal with Aeza?
Virtual machine password has been changed
The password of your virtual machine “....” has been changed successfully. Use the following credentials to manage your service:
Login: root
Password: ...
And this is from their Telegram, more flashy version:
I guess they sent it to everyone but it somehow didn't email, its just a ticket in Support panel.
Good thing its not a hack or something, but it should've been communicated better(but I guess its a 1 eur vps).
I guess they sent it to everyone but it somehow didn't email, its just a ticket in Support panel.
Good thing its not a hack or something, but it should've been communicated better(but I guess its a 1 eur vps).
I guess they sent it to everyone but it somehow didn't email, its just a ticket in Support panel.
Good thing its not a hack or something, but it should've been communicated better(but I guess its a 1 eur vps).
At least it's well spent 1 euro
Even though this thing happened, I'm still happy with my 1 eur purchase. Its a steal, performance is amazing for the money.
@treesmokah said:
I guess they sent it to everyone but it somehow didn't email, its just a ticket in Support panel.
I did receive email up front about this change:
Stupid question from my side; I never thought about it this way, but providers (in this case Aeza) can always login as root to my VPS if they wanted to, right? Because apparently they can do an adhoc password reset and then use it to login via console.
@treesmokah said:
Even though this thing happened, I'm still happy with my 1 eur purchase. Its a steal, performance is amazing for the money.
Thanks again for sharing this deal. Best 1 euro I've spent in my life.
@Freek said:
Stupid question from my side; I never thought about it this way, but providers (in this case Aeza) can always login as root to my VPS if they wanted to, right? Because apparently they can do an adhoc password reset and then use it to login via console.
Most providers can actually just get into your server quite easily, most of the time due to having qemu-guest-agent installed and running as root in your VM.
VMManager (what they use) somehow installs that shit even if you manually install an ISO IIRC.
So I guess if you want to be in the safest side (which is still not 100%, as you don't have the disk drive in your hand) then encrypting the drives is the best bet.
@zgato said: VMManager (what they use) somehow installs that shit even if you manually install an ISO IIRC.
VMManager is too intrusive (unlike VirtFusion) and to configure network for example they alter disk content before booting VM. On the other hand, VirtFusion uses external cloud-init disk and is able to cooperate with encrypted disks.
However I would like to note that LUKS (or any other disk encryption) makes unauthorized access to the virtual machine only harder but not impossible.
Comments
Is it safe of using Russian company?
sure, same as US, CN they dont spy on their own companies
Mine never had any cpu steal or downtime since I got it(before I posted this thread). 1 eur for this is a steal.
As safe as any other company, proceed accordingly.
In my case it was using an anonymous account and crypto payments.
These are fair use cores, right?
I think so
It looks like my VPS root password has just been automatically (?) reset via the control panel, and I received a notification via email (I did not request a change).
I don't believe my Aeza billing account was compromised, considering I use two-factor authentication. Is this normal with Aeza?
I'm not sure if it's normal, but just chiming in to say that I also received this email.
Website: thomassen.sh
Got the same email just now
Amadex • Hosting Forums • Virtmach • Wie ist meine IP-Adresse? • AS215325
Same here. VPS works fine too.
I just found this is my Support center:
And this is from their Telegram, more flashy version:
I guess they sent it to everyone but it somehow didn't email, its just a ticket in Support panel.
Good thing its not a hack or something, but it should've been communicated better(but I guess its a 1 eur vps).
At least it's well spent 1 euro
Amadex • Hosting Forums • Virtmach • Wie ist meine IP-Adresse? • AS215325
Even though this thing happened, I'm still happy with my 1 eur purchase. Its a steal, performance is amazing for the money.
I did receive email up front about this change:
Stupid question from my side; I never thought about it this way, but providers (in this case Aeza) can always login as root to my VPS if they wanted to, right? Because apparently they can do an adhoc password reset and then use it to login via console.
Thanks again for sharing this deal. Best 1 euro I've spent in my life.
Thanked by (1): c1vhosting.
LinuxFreek.com
Received the same email, thought mine was hacked.
https://microlxc.net/
Most providers can actually just get into your server quite easily, most of the time due to having qemu-guest-agent installed and running as root in your VM.
VMManager (what they use) somehow installs that shit even if you manually install an ISO IIRC.
So I guess if you want to be in the safest side (which is still not 100%, as you don't have the disk drive in your hand) then encrypting the drives is the best bet.
VMManager is too intrusive (unlike VirtFusion) and to configure network for example they alter disk content before booting VM. On the other hand, VirtFusion uses external cloud-init disk and is able to cooperate with encrypted disks.
However I would like to note that LUKS (or any other disk encryption) makes unauthorized access to the virtual machine only harder but not impossible.
🇵🇱 KVM VPS | LG | Colocation (aff)