Currently use preAuthenticate to allow the call to sshKeyService to succeed when it calls authenticationContext.getCurrentUser(). But this creates admin access for the life of the thread, where as SecurityService provides more control.

Since this is called via a scheduled job, it may be OK,but the use of either should be move to the job runner, and not the service layer (which can also be used by a service call to APIs)