> In order to be able to intervene on your dedicated server without your root password, the automatic installation of ssh key is done. Only authorized employees of OVH will use it. It is not a gap in security, contrary, thanks to this OVH has root rights to your server and may identify the problems with your server. When you request an intervention, we need to have access to ssh.
Sounds to me like what is needed for a managed root-server. Actually it's kinda cool because you can enjoy timely upgrades, security fixes and response to ddos attacks while at the same time you also have the flexibility to install needed software without going through a change request workflow...
A SSH private key is just some bytes. Once you have access to it, you have access to it forever in the future. RSA doesn't care if you are an "authorized employee".
A static SSH key for a single human is already risky over a long time period, but for a key that is shared between multiple humans... wow.
> In order to be able to intervene on your dedicated server without your root password, the automatic installation of ssh key is done. Only authorized employees of OVH will use it. It is not a gap in security, contrary, thanks to this OVH has root rights to your server and may identify the problems with your server. When you request an intervention, we need to have access to ssh.