POST SSH Logons

The POST /SSH The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption./Logons method is used to create a new Linux logon in Keyfactor Command and, for servers in inventory and publish policy mode, publish it out to a Linux server. The logon can optionally be associated with one or more SSH keys by mapping the logon to one or more users or service accounts during creation. This method returns HTTP 200 OK on a success with details for the new SSH logon.

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

/ssh/server_admin/

/ssh/enterprise_admin/

SSH actions are affected by ownership on the server group to which the server on which the logon exists belongs and limited for users with only the Server Admin (/ssh/server_admin/) role. For more information, see SSH Permissions.

Table 670: POST SSH Logons Input Parameters

Name	In	Description
Username	Body	Required. A string indicating the user's logon name on the Linux server.
ServerId	Body	Required. An integer indicating the Keyfactor Command reference ID of the server on which the SSH logon should be created. Use the GET /SSH/Servers method (see GET SSH Servers) to retrieve a list of all the SSH servers to determine the server's ID.
UserIds	Body	An array of integers indicating the Keyfactor Command reference IDs for the users and/or service accounts with which the logon should be associated, provided in the following format: [4,7,19] See SSH in the Keyfactor Command Reference Guide for more information about users and service accounts. Use the GET /SSH/Users method (see GET SSH Users) to retrieve a list of all the users (including service accounts) created in Keyfactor Command to determine a user's ID.

Name

Description

Username

Body

Required. A string indicating the user's logon name on the Linux server.

ServerId

Body

Required. An integer indicating the Keyfactor Command reference ID of the server on which the SSH logon should be created.

Use the GET /SSH/Servers method (see GET SSH Servers) to retrieve a list of all the SSH servers to determine the server's ID.

UserIds

Body

An array of integers indicating the Keyfactor Command reference IDs for the users and/or service accounts with which the logon should be associated, provided in the following format:

[4,7,19]

See SSH in the Keyfactor Command Reference Guide for more information about users and service accounts.

Use the GET /SSH/Users method (see GET SSH Users) to retrieve a list of all the users (including service accounts) created in Keyfactor Command to determine a user's ID.

Table 671: POST SSH Logons Response Data

Name

Description

An integer indicating the Keyfactor Command reference ID for the SSH logon.

Username

A string indicating the user's logon name on the Linux server.

Server

An object containing details about the server on which the SSH logon resides. Show server details.

Name	Description
Id	An integer indicating the Keyfactor Command reference ID of the server on which the SSH logon resides.
Hostname	A string indicating the hostname of the SSH server on which the SSH logon resides. See SSH Servers for more information.
UnderManagement	A Boolean indicating whether the server on which the SSH logon resides is in inventory only mode (false) or inventory and publish policy mode (true).
GroupName	A string indicating the server group to which the server referenced by Hostname belongs. See SSH Server Groups for more information.

KeyCount

An integer indicating the number of SSH keys associated with the Linux logons.

Access

An array of objects providing information about the users mapped to the logon. Show access details.

Name	Description
Id	An integer indicating the Keyfactor Command reference ID of a user or service account that has been associated with the logon. See SSH for more information.
Username	A string indicating the username of a user (in DOMAIN\\username format) or service account (in username@hostname format) that has been associated with the logon.

Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API

A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow

A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (

) at the top of the Management Portal page next to the Log Out button.

Version v11.7

On this page: