ssh keys for root are supported in the manner that fnichol/chef-user works. However, it has a bug: it pulls in users that aren't active.

We have a choice to make for 1.0 release: Either support ssh root keys fully, with the active users configuration of chef-user, or remove this support entirely.

Adding rootkey configuration in this manner is a 2year-old workaround to configure a server with keys for user root. We have to decide if this is still in scope of hardening. Feedback welcome.