Originally posted by lyew
What steps should I now take to ensure that he hasn't created a back door for himself that he could use later on?
If you hired someone mature and professional, weren't an ass to him when he was doing the job and you have paid him on time then what motive would have to need a backdoor?
Change the root password; check .ssh/authorized_keys files for new keys; you can check for well known rootkits using the program from www.chkrootkit.org
or others. If he really wanted to install a backdoor then there's any number of methods...
The only way to know for sure is to compare an image of the system now to an image taken previously using a program like Tripwire. However you'd need a sys admin to install tripwire...