Creates new shell users with public key empty And it still creates the contents of authorized_keys I noticed that the file is filled with the key that exists in the dbispconfig client table. What is it used for? And is this normal?
I noticed this behaviour aswell, I figured the client can always login basically, even if he accidently deleted all keys in that area, most likely
The keys are being created automatically when a new user is created in ISPConfig. But these keys do not appear in ISPConfig.
would be neat to have the code upgraded to generate ecdsa keys as rsa is deprecated long time + disabled by defult in openssh ^^
Good morning, The behavior is even more serious. It copies the root's authorized_keys to all ssh users created by the ISPconfig panel. Can you please check this urgently? The behavior was verified even in a new installation of ISPConfig. Wouldn't it be this line in the printout? The interesting thing is that I only use jailkit. But shelluser_base_plugin.inc.php must be running Here at least it says that the base plugin is always used: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5857
Yes, the root user shall have access to the users of the sites with his public key. So nothing that needs to be checked or any urgency here, you just confirmed the system works as intended. And even better, you confirmed it's working in the latest version with a fresh installation.