SSH Credentials¶
Do not construct this object directly, instead access the
ssh_credentials
property of an ngrok.Client
object.
-
class
ngrok.services.
SSHCredentialsClient
(client)[source]¶ SSH Credentials are SSH public keys that can be used to start SSH tunnels via the ngrok SSH tunnel gateway.
-
create
(public_key, description='', metadata='', acl=[])[source]¶ Create a new ssh_credential from an uploaded public SSH key. This ssh credential can be used to start new tunnels via ngrok’s SSH gateway.
- Parameters
description (
str
) – human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes.metadata (
str
) – arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes.acl (
Sequence
[str
]) – optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is thebind
rule. Thebind
rule allows the caller to restrict what domains and addresses the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rulebind:example.ngrok.io
. Bind rules may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule ofbind:*.example.com
which will allowx.example.com
,y.example.com
,*.example.com
, etc. A rule of'*'
is equivalent to no acl at all and will explicitly permit all actions.public_key (
str
) – the PEM-encoded public key of the SSH keypair that will be used to authenticate
https://ngrok.com/docs/api#api-ssh-credentials-create
- Return type
-
get
(id)[source]¶ Get detailed information about an ssh_credential
- Parameters
id (
str
) – a resource identifier
https://ngrok.com/docs/api#api-ssh-credentials-get
- Return type
-
list
(before_id=None, limit=None)[source]¶ List all ssh credentials on this account
- Parameters
before_id (
Optional
[str
]) –limit (
Optional
[str
]) –
https://ngrok.com/docs/api#api-ssh-credentials-list
- Return type
-
update
(id, description=None, metadata=None, acl=None)[source]¶ Update attributes of an ssh_credential by ID
- Parameters
id (
str
) –description (
Optional
[str
]) – human-readable description of who or what will use the ssh credential to authenticate. Optional, max 255 bytes.metadata (
Optional
[str
]) – arbitrary user-defined machine-readable data of this ssh credential. Optional, max 4096 bytes.acl (
Optional
[Sequence
[str
]]) – optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is thebind
rule. Thebind
rule allows the caller to restrict what domains and addresses the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rulebind:example.ngrok.io
. Bind rules may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule ofbind:*.example.com
which will allowx.example.com
,y.example.com
,*.example.com
, etc. A rule of'*'
is equivalent to no acl at all and will explicitly permit all actions.
https://ngrok.com/docs/api#api-ssh-credentials-update
- Return type
-