POST | Create SSH key
- 4 minutes to read
- Print
- DarkLight
- PDF
POST | Create SSH key
- 4 minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Create an SSH key in PAM Core.
Prerequisites
- Authorization with access and read and write permission to PAM Core granted by the administator in A2A.
More information in How to manage authorizations in A2A. - Device created in PAM Core.
More information in POST | Create device.
Request
POST /api/pam/key
Request parameters
Send the parameters below in the request body.
ip- string - required - IP address of the main device associated with the SSH key.
hostname- string - required - Hostname of the main device associated with the SSH key.
private_key- string - required - Private key necessary for user authentication.-----BEGIN OPENSSH PRIVATE KEY-----\rcTA9Vb5aA0kXaK2HEjGUWgeCBG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\rQyNTUxOQAAACCLABE9/nb3BlbnNzaC1rZXktdjEAAAAAxtPOCkR2sGccAAAAKi5DXJnuQ1y\r\nZwAAAAtzc2gtZWQyNTUxOQAAACCLABE9/cTA9VTGVpdGVGZXJyZWlyYUBIUjFTUkb5aA0kXaK2HEjGUWgeCxtPOCkR2sGccA\rDgaNiGsvbkkkXhepU2NQi3iZ4sAET39xMD1VvloDSRdorYc\rSMZRaB4LG084KRHawZxwAAAAI0F6dXJlQUQrRGVib3JhAAAECc20zsB7FuSJQAqhLxe\rgzAQI=\r-----END OPENSSH PRIVATE KEY-----
public_key- string - required - Public key that allows servers to verify the identity of the user associated with the corresponding private key.ssh-ed25519 C1lZDI1NTE5AAawZxwAAAAAAC3NzaIIsAET39xdorYcSMZRaB4LG084MD1VvloDSRKRH AzureAD+DeboraLeiteFerreira@HR1SRH3
identifier- string - Unique string defined by the user or by senhasegura for identifying the credential.UUIDif left blank. This value can be updated in future calls.
username- string - Username related to the key in the device.New SSH key default value:
usr
enabled- boolean - SSH key status: active =true; inactive =false.falsein theenabledfield, the SSH key will be created as inactive. To access this key's information, you must enable it first.
devices - array of hostnames - Additional devices associated with the SSH key, containing their hostname.hostname - string - Hostname of the additional device.tags- string - Keywords for identifying the SSH key.
key_name- string - User-created name for identifying the key.
password- string - Optional password that provides an extra layer of security to the private key.
Example request
POST {{url}}/api/pam/key
{
"ip": "10.66.33.15",
"hostname": "w2016",
"private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\r\cTA9Vb5aA0kXaK2HEjGUWgeCBG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\r\nQyNTUxOQAAACCLABE9/nb3BlbnNzaC1rZXktdjEAAAAAxtPOCkR2sGccAAAAKi5DXJnuQ1y\r\nZwAAAAtzc2gtZWQyNTUxOQAAACCLABE9/cTA9VTGVpdGVGZXJyZWlyYUBIUjFTUkb5aA0kXaK2HEjGUWgeCxtPOCkR2sGccA\r\nDgaNiGsvbkkkXhepU2NQi3iZ4sAET39xMD1VvloDSRdorYc\r\nSMZRaB4LG084KRHawZxwAAAAI0F6dXJlQUQrRGVib3JhAAAECc20zsB7FuSJQAqhLxe\r\ngzAQI=\r\n-----END OPENSSH PRIVATE KEY-----",
"public_key": "ssh-ed25519 C1lZDI1NTE5AAawZxwAAAAAAC3NzaIIsAET39xdorYcSMZRaB4LG084MD1VvloDSRKRH AzureAD+DeboraLeiteFerreira@HR1SRH3",
"username": "dleite3",
"identifier": "sshkey3",
"enabled": true,
"devices": [
{
"hostname": "API device test"
}
],
"tags": "mainsshkey",
"key_name": "teste4",
"password": "fkjwe87a5a8fa9a"
}
Response
{
"code": 201,
"response": {
"status": 201,
"message": "Key successfully registered!",
"error": false,
"error_code": 0,
"detail": "",
"Message": "Key successfully registered!",
"erro": false,
"cod_erro": 0
},
"key": {
"id": "92",
"identifier": "sshkey0",
"devices": [
{
"hostname": "API device test",
"ip": "10.66.33.20"
}
],
"devices_error": []
}
}
Errors
400 - Bad Request.
Message: "1004: The device's hostname was not informed"
Possible cause: the required parameter hostname of the device wasn’t informed.
hostname parameter of the device and resend the request.Message: "1005: The device's IP was not informed"
Possible cause: the required parameter ip of the device wasn’t informed.
ip parameter of the device and resend the request.Message: "1013: The public key was not informed"
Possible cause: the required parameter public_key wasn’t informed.
public_key parameter and resend the request.Message: "1014: The private key was not informed"
Possible cause: the required parameter private_key wasn’t informed.
private_key parameter and resend the request.Message: "1039: Without PAM Configuration Access permission"
Possible cause: your authorization doesn’t have permission to create a credential.
Solution: ask the administrator to check your read and write permission to PAM Core resources in A2A.
404 - Not Found
Message: "Resource sub not found"
Possible cause: the URL or the requested resource isn’t correct.
Solution: check the URL and make sure the parameter is correct.
500 - Internal Server Error
Message: "Unexpected error."
Possible cause: the error is in the senhasegura server.
Solution: contact the support team for more information.
Message: "You are not authorized to access this resource."
Possible cause: you don’t have the authorization to access this resource.
Solution: ask the administrator to check your permission to access the PAM Core resources in A2A.
Client authentication failed
Message: "Client authentication failed."
Possible cause: failure in your application authentication with the senhasegura server.
Solution: check the authentication parameters such as Access Token URL, Client ID e Client secret and request a new access token.
Invalid signature
Message: "Invalid signature"
Possible cause: failure in recognizing the URL of the client application.
Solution: check the URL of the client application and resent the request.
No route matched with those values
Message: "No route matched with those values."
Possible cause: the authorization header is missing in the API request.
Solution: request a new access token.
Request timed out
Message: "Request timed out."
Possible cause: the request time has expired.
Solution: check the connectivity between the source of the request and the senhasegura server.
Was this article helpful?
