shell user creating public key when no public key is provided

Discussion in 'General' started by buhler, Jul 23, 2024.

  1. buhler

    buhler Member

    Creates new shell users with public key empty


    upload_2024-7-23_16-49-47.png

    And it still creates the contents of authorized_keys
    upload_2024-7-23_16-53-53.png

    I noticed that the file is filled with the key that exists in the dbispconfig client table.
    What is it used for? And is this normal?
     
    Last edited: Jul 23, 2024
  2. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    I noticed this behaviour aswell, I figured the client can always login basically, even if he accidently deleted all keys in that area, most likely
     
  3. buhler

    buhler Member

    The keys are being created automatically when a new user is created in ISPConfig.
    But these keys do not appear in ISPConfig.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    I'll have to look this up in the code a bit more. It has been added 13 years ago.
     
    buhler likes this.
  5. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    would be neat to have the code upgraded to generate ecdsa keys as rsa is deprecated long time + disabled by defult in openssh ^^
     
  6. buhler

    buhler Member

    Thanks
     
  7. buhler

    buhler Member

    Good morning,
    The behavior is even more serious.
    It copies the root's authorized_keys to all ssh users created by the ISPconfig panel.
    Can you please check this urgently?
    The behavior was verified even in a new installation of ISPConfig.
    Wouldn't it be this line in the printout? The interesting thing is that I only use jailkit.
    But shelluser_base_plugin.inc.php must be running
    Here at least it says that the base plugin is always used: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5857
    upload_2025-7-2_6-48-3.png
     
    Last edited: Jul 2, 2025
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, the root user shall have access to the users of the sites with his public key. So nothing that needs to be checked or any urgency here, you just confirmed the system works as intended. And even better, you confirmed it's working in the latest version with a fresh installation.
     
  9. buhler

    buhler Member

    Thanks
     

Share This Page