SSH KeyData object

Stores detailed details about the private key and contains the following fields:

SSH KeyData object

Field

Type

Description

ActiveFrom

DateTime

The date Venafi or a remote system created the key. Number of milliseconds since January 1, 1970 with a timezone offset suffix when using the JSON Date function.

Algorithm

string

The key type:

  • DSA
  • ECDSA: All ECDSA keysets with keylength P256, P348, and P521.
  • ED25519: For Open SSH only.
  • RSA
  • RSA1
  • Unknown

AllowedSourceRestriction

List of string

(Optional) The list of allowed source restrictions for the key if they are specified. Absent if the key type is not Authorized.

Approver

string
  • An array of one or more identities for users which are approvers of the pending key operation. If approver is not set or key operation is not pending approval, an empty list is returned. Example: "Approver": ["local:\{2a3d9973-f7fc-446b-931f-2335d06b398d}"]

Comment

string

(Optional) A comment about Authorized Keys. Originates from the authorized key file.

DeniedSourceRestriction

List of string

(Optional) The list of denied source restrictions for the key if they are specified. Not present if key type is not Authorized.

DeviceGuid

string

The Trust Protection Platform Guid that uniquely identifies a device.

Filepath

string

The absolute file path location for the key.

FingerprintMD5

string

The thumbprint of the host key in the MD5 format.

FingerprintSHA256

string

The thumbprint of the host key in the SHA256 algorithm format.

ForceCommand

string

(Optional) The forced command for connections with the key if specified. Not present if key type is not Authorized.

Format

string

The format of the key. Can be one of: OpenSSH, PuTTY, SSH1, or SSH2.

IsEncrypted

bool

The setting to show whether the key is encrypted: 0 = not encrypted or 1 = encrypted.

KeyId

int

The key identifier.

Keysetid

string

The identifier for a set of public and private keys.

Last Used

DateTime

The date and time the key was last used.

Length

int

The key bit length.

Notes

string

The description or comments about the key.

Options

List of string

(Optional) The list of authorized key options, expressed as name or name=value. Not present if key type is not Authorized.

ProcessError

string

(Optional) Error message, if a key operation failed for this key. For example, the Server Agent was unable to add a key. Is only populated if ProcessStatus has a value of FailedToProvision or FailedToRemove.

ProcessStatus

string

The process status of running key operation (empty if no operation is running). See SSH Process status result codes.

Reason

string

The reason for approval or rejection.

RotationStage

Integer

(Optional) The status of public and private key rotation. See SSH Keyset rotation stage codes.

Type

string

The key type that describes public or private key usage. One of:

  • AuthorizedKey: A public key for authorizing login access by anyone capable of using the corresponding private key.
  • HostPrivateKey: A private key for a host device.
  • HostPublicKey: The public key for a device host.
  • UserPublicKey: A public key for a user.
  • UserPrivateKey: A private key for a user.
  • KnownHostKey: The public key from a previous connection to a host.

Username

string

The username of owner of the key.

ViolationStatus

List of integer

The key violation status codes. SSH Policy violation result and key usage alert codes.