POST SSH/EditSelfServiceAuthorizedKey

Changes information about the management of an authorized key.

Requirements

  • Permissions:  The caller must have Write permission to the device.
  • Token scope:  SSH:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

KeyId

Numeric identifier of the authorized key. The keyset private key, must be manually installed and this is an authorized key. Authorized keys specify which users are allowed to log into a server using public key authentication in SSH. To get this information, call GET SSH/KeysetDetails.

Location (Optional) The host or computer name.
AllowedSourceRestriction (Optional) A list of allowed source restrictions for the key. If omitted, the value is taken from device policy.

DeniedSourceRestriction

(Optional) An array of blocked IP addresses or host names that can use the authorized key.

ForcedCommand (Optional) The SSH command to automatically run when a user logs into the device. Otherwise, the value is null.
Options

(Optional) List of authorized key options. If omitted, existing value is not changed: no-x11-forwarding, no-agent-forwarding, no-pty, no-port-forwarding, permitopen, environment, cert-authority, principals, tunnel, allow-from, deny-from, from, command. For additional help, see Client Configuration Files.

Notes

(Optional) Additional information.

Returns

Response description

Name

Description

Response

Returns Success and True, when the change was successful. Otherwise, returns the SSH SshWebResponse object.

Example: Apply Source Restriction to a Key

Request

POST https://tpp.venafi.example//vedsdk/SSH/EditSelfServiceAuthorizedKey
Authorization:Bearer 4MyGeneratedBearerTknz==
{  
   "KeyId":"2114",
   "Notes":"Change Source Restrictions, ForcedCmds",
   "Location":"192.168.6.228",
   "AllowedSourceRestriction":[  
      "192.168.1.*",
      "192.168.2.*"
   ],
   "ForcedCommand":"echo 'SSH connected'",
   "Options":[  
      "no-pty",
      "no-port-forwarding"
   ]
}

Response

HTTP/1.1 200 OK
{
   "Success":true
}