POST SSH/EditKeyOptions

Changes Source Restrictions, and Forced commands in an authorized keys file.

Requirements

Token scope: SSH:Manage

Headers

Content type: Content-Type:application/json.
Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters
Name	Description
KeyId	Numeric identifier of the authorized key. If the KeyId does not map to an authorized key, the error is "Failed to find key." To get this information, call GET SSH/KeysetDetails.
AllowedSourceRestriction (Optional)	List of allowed IP addresses for the key. If omitted, existing value is not changed.
DeniedSourceRestriction (Optional)	List of denied ID addresses for the key. If omitted, existing value is not changed.
ForcedCommand (Optional)	The SSH command for connections that use the authorized key. If omitted, existing value is not changed.
Options (Optional)	List of authorized key options. If omitted, existing value is not changed: no-x11-forwarding, no-agent-forwarding, no-pty, no-port-forwarding, permitopen, environment, cert-authority, principals, tunnel, allow-from, deny-from, from, command. For additional help, see OpenSSH Client configuration.

Returns

Response description
Name	Description
Response	Returns Success and True, when the configuration updated successfully. Otherwise, returns the SSH SshWebResponse object .

Example: Apply Source Restriction to a Key

Request

POST https://tpp.venafi.example/vedsdk/SSH/EditKeyOptions
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "KeyId":106,
   "AllowedSourceRestriction":[
      "192.168.1.*",
      "192.168.2.*"
   ],
   "DeniedSourceRestriction":[
      "192.168.1.1",
      "192.168.2.1"
   ],
   "ForcedCommand":"echo 'SSH connected'",
   "Options":[
      "no-pty",
      "no-port-forwarding"
   ]
}

Response

HTTP/1.1 200 OK
{
   "Success":true
}