Contents x
    POST | Update SSH key
    • 3 minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    POST | Update SSH key

    • 3 minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Update an SSH key in PAM Core.

    Requirements

    Request

    POST /api/pam/key

    Request parameters

    Send the parameters you want to update in the request body.

    • identifier - string - required - Unique string defined by the user or by senhasegura for identifying the credential.

      Note: this value is created by the user or automatically generated by senhasegura in POST | Create SSH key and is obtained in the response to the GET | List an SSH key by id.


    • ip - string - required - IP address of the main device associated with the SSH key.


    • hostname - string - required - Name of the main device associated with the SSH key.


    • private_key - string - required - Private key necessary for user authentication.

      Example: -----BEGIN OPENSSH PRIVATE KEY-----\rcTA9Vb5aA0kXaK2HEjGUWgeCBG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\rQyNTUxOQAAACCLABE9/nb3BlbnNzaC1rZXktdjEAAAAAxtPOCkR2sGccAAAAKi5DXJnuQ1y\r\nZwAAAAtzc2gtZWQyNTUxOQAAACCLABE9/cTA9VTGVpdGVGZXJyZWlyYUBIUjFTUkb5aA0kXaK2HEjGUWgeCxtPOCkR2sGccA\rDgaNiGsvbkkkXhepU2NQi3iZ4sAET39xMD1VvloDSRdorYc\rSMZRaB4LG084KRHawZxwAAAAI0F6dXJlQUQrRGVib3JhAAAECc20zsB7FuSJQAqhLxe\rgzAQI=\r-----END OPENSSH PRIVATE KEY-----


    • public_key - string - required - Public key that allows servers to verify the user's identity associated with the corresponding private key.

      Example: ssh-ed25519 C1lZDI1NTE5AAawZxwAAAAAAC3NzaIIsAET39xdorYcSMZRaB4LG084MD1VvloDSRKRH AzureAD+DeboraLeiteFerreira@HR1SRH3


    • username - string - Username related to the key in the device.

      Note: although not required, as good practice, filling out this field helps searching for the SSH key.

      New SSH key default value: usr


    • enabled - boolean - SSH key status: active = true; inactive = false


    • devices - array of hostnames - Additional devices associated with the SSH key, containing their hostname.


        → hostname - string - Hostname of the additional device.   Note: only previously registered devices are accepted.


    • tags - string - Keywords for identifying the SSH key.


    • key_name - string - User-created name for identifying the key.


    • password - string - Optional password that provides an extra layer of security to the private key.

      Example request

    POST {{url}}/api/pam/key

    {
    "identifier": "sshkey3",
    "ip": "10.66.33.120",
    "hostname": "w2016",
    "private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\r\nTA9Vb5aA0kXaK2HEjGUWgeCBG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\r\nQyNTUxOQAAACCLABE9/nb3BlbnNzaC1rZXktdjEAAAAAxtPOCkR2sGccAAAAKi5DXJnuQ1y\r\nZwAAAAtzc2gtZWQyNTUxOQAAACCLABE9/cTA9VTGVpdGVGZXJyZWlyYUBIUjFTUkb5aA0kXaK2HEjGUWgeCxtPOCkR2sGccA\r\nDgaNiGsvbkkkXhepU2NQi3iZ4sAET39xMD1VvloDSRdorYc\r\nSMZRaB4LG084KRHawZxwAAAAI0F6dXJlQUQrRGVib3JhAAAECc20zsB7FuSJQAqhLxe\r\ngzAQI=\r\n-----END OPENSSH PRIVATE KEY-----",
        "public_key": "ssh-ed25519 C1lZDI1NTE5AAawZxwAAAAAAC3NzaIIsAET39xdorYcSMZRaB4LG084MD1VvloDSRKRH AzureAD+DeboraLeiteFerreira@HR1SRH3",
    "username": "dleite3",
    "enabled": true,
    "devices": [
        {
            "hostname": "API device test"
        }
    ],
    "tags": "mainsshkey",
    "key_name": "test4",
    "password": "fkjwe87a5a8fa9a"
}

    Response

     {
   "code": 201,
   "response": {
       "status": 201,
       "message": "Key updated successfully!",
       "error": false,
       "error_code": 0,
       "detail": "",
       "mensagem": "Key updated successfully!",
       "erro": false,
       "cod_erro": 0
   },
   "key": {
       "id": "83",
       "identifier": "sshkey3",
       "devices": [
           {
               "hostname": "API device test",
               "ip": "10.66.33.20"
           }
       ],
       "devices_error": []
   }
}

    Errors

    400 - Bad Request.

    Message: "1004: The device's hostname was not informed"

    Possible cause: the required parameter hostname of the device wasn’t informed.

    Solution: provide a value for the hostname parameter of the device and resend the request.

    Message: "1005: The device's IP was not informed"

    Possible cause: the required parameter ip of the device wasn’t informed.

    Solution: provide a value for the ip parameter of the device and resend the request.

    Message: "1013: The public key was not informed"

    Possible cause: the required parameter public_key wasn’t informed.

    Solution: provide a value for the public_key parameter and resend the request.

    Message: "1014: The private key was not informed"

    Possible cause: the required parameter private_key wasn’t informed.

    Solution: provide a value for the private_key parameter and resend the request.

    Message: "1039: Without PAM Configuration Access permission"

    Possible cause: your authorization doesn’t have permission to create a credential.

    Solution: ask the administrator to check your read and write permission to PAM Core resources in A2A.

    404 - Not Found

    Message: "Resource sub not found"

    Possible cause: the URL or the requested resource isn’t correct.

    Solution: check the URL and make sure the parameter is correct.

    500 - Internal Server Error

    Message: "Unexpected error."

    Possible cause: the error is in the senhasegura server.

    Solution: contact the support team for more information.

    Message: "You are not authorized to access this resource."

    Possible cause: you don’t have the authorization to access this resource.

    Solution: ask the administrator to check your permission to access the PAM Core resources in A2A.

    Client authentication failed

    Message: "Client authentication failed."

    Possible cause: failure in your application authentication with the senhasegura server.

    Solution: check the authentication parameters such as Access Token URL, Client ID e Client secret and request a new access token.

    Invalid signature

    Message: "Invalid signature"

    Possible cause: failure in recognizing the URL of the client application.

    Solution: check the URL of the client application and resent the request.

    No route matched with those values

    Message: "No route matched with those values."

    Possible cause: the authorization header is missing in the API request.

    Solution: request a new access token.

    Request timed out

    Message: "Request timed out."

    Possible cause: the request time has expired.

    Solution: check the connectivity between the source of the request and the senhasegura server.

    Was this article helpful?
    What's Next
    Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
    Connect With Us
    SENHASEGURA
    LEARN
    EXPLORE
    Copyright © senhasegura. All Rights Reserved