SSH logging in without password or public key in `authorized_hosts`

My primary user account can be logged into without a password or a public key in the authorized_hosts file, while other users still need a password.

Gnome autologin is enabled for this user, and Yubikey no-touch password authentication is enabled for all users, but disabling them (pulling out the Yubikey in the latter case) doesn’t seem to stop this behavior either. Tailscale ssh is also enabled, but this was happening before as well, including on different ports.

  • The file is actually `authorized_keys`.
  • Authorized keys can be added through NixOS options. They show up in `/etc/ssh/authorized_keys.d/$USER`, rather than in your home directory. Check there, too.

Neither location seems to exist on my system, as far as I can tell.
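
Added example, not part of the thread: a shell helper that reads `sshd -T` output and expands the `AuthorizedKeysFile` patterns for one user, listing every file sshd would read public keys from and whether it exists. The sample config lines, the user `alice` and the function names are constructed for illustration.

```shell
# Constructed sample of `sshd -T` output (not taken from the poster's machine).
SAMPLE='port 22
authorizedkeysfile %h/.ssh/authorized_keys /etc/ssh/authorized_keys.d/%u
passwordauthentication yes'

# Expand one AuthorizedKeysFile pattern: %u = user, %h = home, %% = literal %.
# A result that is not absolute is relative to the user's home directory.
expand_pattern() {
    pattern=$1 user=$2 home=$3 out=
    while [ -n "$pattern" ]; do
        case $pattern in
            %%*) out="$out%";     pattern=${pattern#"%%"} ;;
            %u*) out="$out$user"; pattern=${pattern#"%u"} ;;
            %h*) out="$out$home"; pattern=${pattern#"%h"} ;;
            *)   rest=${pattern#?}            # everything after the first char
                 out="$out${pattern%"$rest"}" # append just that first char
                 pattern=$rest ;;
        esac
    done
    case $out in
        /*) printf '%s\n' "$out" ;;
        *)  printf '%s\n' "$home/$out" ;;
    esac
}

# Read `sshd -T` output on stdin; print each key file sshd consults for the user.
key_files_for() {
    user=$1 home=$2
    while read -r keyword values; do
        keyword=$(printf '%s' "$keyword" | tr '[:upper:]' '[:lower:]')
        [ "$keyword" = authorizedkeysfile ] || continue
        for p in $values; do
            [ "$p" = none ] || expand_pattern "$p" "$user" "$home"
        done
    done
}

# Label each candidate file so an unexpected key source stands out.
report() {
    key_files_for "$1" "$2" | while read -r f; do
        if [ -s "$f" ]; then echo "has keys: $f"
        elif [ -e "$f" ]; then echo "empty:    $f"
        else echo "missing:  $f"
        fi
    done
}

# Live use (as root): sshd -T | report "$USER" "$HOME"
printf '%s\n' "$SAMPLE" | report alice /home/alice
```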