Probably. You disabled root login how, via the sshd_config file? If so, you're still screwed.
Even if you fully disable root, that's not going to stop the init=/bin/sh script.
Even if you fix that (securing grub?) you're still screwed because it's a virtual machine, and they can just mount the partition to another VM, and pull all your data/reset root that way.
So, maybe if you have an encrypted partition, no root access, secure grub, and real hardware (it's probably possible to dump the VM's memory by snapshotting it, then pulling the key out that way), you would be secure against attacks like this.
With a VM? No, it's not nearly secure enough for very important things.
Well, having the whole disk dm-crypted is kind of secure, I guess. At least I still have no idea how I get at my SSL certification keys from StartSSL, although I have a dd of that drive in question from the VPS provider. I was just too clever thinking of a long passphrase and too stupid to keep at least a hint around somewhere.
Total data loss for me. But if you _do_ remember your dm_crypt password, I think you're safe against these kinds of attacks.