Root SSH + full server access

Every VICIfast server gives you actual root SSH access — not a jailed shell, not a sudo wrapper. The dialer is yours; the platform handles the patches, snapshots, and firewall, but the box belongs to you.

Adding your SSH key

1. Dashboard → your server → Manage Firewall → SSH Keys.

2. Paste your public key (from ~/.ssh/id_ed25519.pub or equivalent).

3. The platform syncs it to /root/.ssh/authorized_keys within seconds via the platform CA.

Your private key never leaves your workstation. Revoking the key from the dashboard removes it from the box within seconds (no TTL).

What's on the box

• /etc/asterisk — yours to edit. The platform writes the initial config; subsequent edits are yours. Trunk-management writes back via SSH but only touches the specific stanzas it owns.

• /var/spool/asterisk/monitor — recordings, on your local disk.

• /root/.ssh/authorized_keys — platform-managed; do not edit by hand.

• crontab — standard VICIdial entries; you can add your own.

Recorded SSH sessions

Every SSH session is captured as an asciinema cast. Replayable from the dashboard at your server → Recorded Sessions. Audit-ready out of the box.

What the platform won't overwrite

Your crontab. Your custom AGI scripts in /var/lib/asterisk/agi-bin. Your edits to /etc/asterisk/manager.conf. The personalize script runs once at first boot and never re-runs (we fixed the cloud-init bug that used to make it re-run on reboot).

If you break the box

Same as a self-hosted server — your problem to fix. The Console Access feature is there for exactly this (when SSH is locked out). Daily snapshot gives you a fast roll-back.