POST SSH/EditSelfServiceAuthorizedKey
Changes information about the management of an authorized key.
Requirements
- Permissions: The caller must have Write permission to the device.
- Token scope: SSH:Manage
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
KeyId |
Numeric identifier of the authorized key. The keyset private key, must be manually installed and this is an authorized key. Authorized keys specify which users are allowed to log into a server using public key authentication in SSH. To get this information, call GET SSH/KeysetDetails. |
Location | (Optional) The host or computer name. |
AllowedSourceRestriction | (Optional) A list of allowed source restrictions for the key. If omitted, the value is taken from device policy. |
DeniedSourceRestriction |
(Optional) An array of blocked IP addresses or host names that can use the authorized key. |
ForcedCommand | (Optional) The SSH command to automatically run when a user logs into the device. Otherwise, the value is null. |
Options |
(Optional) List of authorized key options. If omitted, existing value is not changed: no-x11-forwarding, no-agent-forwarding, no-pty, no-port-forwarding, permitopen, environment, cert-authority, principals, tunnel, allow-from, deny-from, from, command. For additional help, see Client Configuration Files. |
Notes |
(Optional) Additional information. |
Returns
Name |
Description |
---|---|
Response |
Returns Success and True, when the change was successful. Otherwise, returns the SSH SshWebResponse object. |
Example: Apply Source Restriction to a Key
Request
POST https://tpp.venafi.example//vedsdk/SSH/EditSelfServiceAuthorizedKey Authorization:Bearer 4MyGeneratedBearerTknz== { "KeyId":"2114", "Notes":"Change Source Restrictions, ForcedCmds", "Location":"192.168.6.228", "AllowedSourceRestriction":[ "192.168.1.*", "192.168.2.*" ], "ForcedCommand":"echo 'SSH connected'", "Options":[ "no-pty", "no-port-forwarding" ] }
Response
HTTP/1.1 200 OK { "Success":true }