Colocated Server Being Hijacked?

[Manie]

Dear,

I have some trouble with a customer who placed their colocated server within our network. He however has nog clue about servers or what so ever, So I offered him to help him.

Now I can't login on the system trough SSH anymore :-(
I already asked him, and he told he gave his admin information to his cousin to help him. Well I already presumed he just changed the admin and root password for the system.

However: He says he didn't change anything.

Now I can't restart the SSHD service trough DirectAdmin. It says:
"An error has occurred - Details"

I already rebooted the system 2 times, no change in this.

Now I wonder:
If I can succesfully login as admin into the DirectAdmin panel, it should be the same password for the user admin trough SSH right?

Cause in that case I don't get when I keep getting: Access denied
in my putty :-(

Can anyone offer some usefull insight in this? I prefere not to reinstall the entire machine

 

[Manie]

Okay, guess I fixed it.
SSH does not accept the user "admin" anymore.
( Really don't have a clue why! )

However I fixed it by adding Root login to SSH for a few moments, logged in as root (hurray that still worked. )

And made me a user to open ssh conections with, and switch to root to from.

The only strange thing which happens is that I can't reload / start stop or what so ever SSH trough DirectAdmin.
What is the best way to determine the problem with this?

Found this in the Task Que log, seems rather strange, but it's with named and not sshd :-(

2006:11:15-11:56:01: cmd: /etc/init.d/httpd restart >>/dev/null 2>>/dev/null
2006:11:15-11:56:04: cmd: /etc/init.d/named reload >>/dev/null 2>>/dev/null
2006:11:15-11:56:04: Error reloading service named : uid 0 gid 0 : /etc/init.d/named reload >>/dev/null 2>>/dev/null