ISPConfig - SSH User - Jailkit and root authorized_keys

Discussion in 'ISPConfig 3 Priority Support' started by tritema, Oct 23, 2020.

  1. tritema

    tritema Member HowtoForge Supporter

    Dear,

    we are analyzing the ssh feature in order to let some of our customers to use them. When we activate this stuff (ssh user from ispconfig, with jailkit enabled) in the source code we see something like that:

    Code:
    if(is_file('/root/.ssh/authorized_keys')) $app->system->file_put_contents($sshkeys, $app->system->file_get_contents('/root/.ssh/authorized_keys'));
    What is the purpose to append the root authorized_keys into the ssh user created by ispconfig itself?
    Thank you.
     
  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    The root key is always appended so the administrator can always log in with his key.
     
  3. tritema

    tritema Member HowtoForge Supporter

    My 2 cents: the administrator has already the root access to the server. Honestly i can't see the needs to append this public key also on the ssh sub users...
     
  4. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    The purpose is for administrative convenience, as @Croydon said. If you, the admin, are setup to ssh to root on your server anyways, this allows you to save steps and potential mis-steps (ie. using the wrong command, resulting in wrong environment setup) by ssh'ing directly as a shell user when helping a client troubleshoot.
     
    tritema likes this.

Share This Page