Question Plesk Terminal Utility - How Does Plesk Login to the Terminal? (SSH Key or Password?)

[regenix]

Server operating system version

Ubuntu 22.04 x64

Plesk version and microupdate number

Plesk Obsidian Web Admin Edition Version 18.0.63 Update #4

Just as it says in the title. I am curious to know because I enable the line in sshd_config called 'PermitRootLogin prohibit-password' and that disabled password login (which is good since I can just securely login using keys generated from PuTTY). My question is does the Plesk terminal have it's own set of keys? And how might I manage those keys if I needed to?

 

[regenix]

Just found a fantastic method for helping to get to the bottom of this.

Asked GPT-4o:
Hey is there a command in linux/ssh to show which method I used to logon? (If it was with a password or with a public key?)

GPT's Answer:

-----------
Yes, you can view the IP address associated with your current SSH session using a couple of different commands on Linux.

1. Check SSH Authentication Logs​

The SSH daemon logs connection information, including the authentication method, to system log files. You can use the following commands to search these logs for details on your login session.

• For Ubuntu/Debian-based systems:
  
  
  sudo grep 'Accepted' /var/log/auth.log

• For CentOS/RHEL-based systems:
  
  sudo grep 'Accepted' /var/log/secure

These logs will show entries like this:

Oct 1 12:34:56 server sshd[12345]: Accepted publickey for user from 192.168.1.100 port 12345 ssh2: RSA SHA256:...
Oct 1 12:35:12 server sshd[12345]: Accepted password for user from 192.168.1.100 port 12345 ssh2

In the output:

• Accepted publickey indicates that you logged in using an SSH key.
• Accepted password means you logged in using a password.

2. Check the Current SSH Session​

To check which method was used for your current session, you can use:

sudo journalctl -xe | grep sshd

or

sudo journalctl _COMM=sshd

This command will also show details about your current SSH session, including the authentication method used.

3. For Active Users (with Session Details):​

Another way to check SSH authentication status is by running:

who

or

w

This command shows active sessions but doesn't indicate the login method. You’ll need to cross-check with the log files for that detail.

By checking these logs, you can determine whether you authenticated with a password or a public key.

-----------

So I tried it.
Inside the output from running the 2nd command I got:

Accepted publickey for root from 127.0.0.1 port 58052 ssh2: RSA SHA256redacted)

Which strongly suggests Plesk is using keys to authenticate into the terminal (good!) I still have other questions and troubles but at least there's that!

P.S. If you are connecting with a few different devices want to see what your IP is for your SSH client (besides the Plesk Terminal) use:

echo $SSH_CLIENT

On that client to see client connection info.