SSH Host Certificates#

Do not construct this object directly, instead access the ssh_host_certificates property of an ngrok.Client object.

class ngrok.services.SSHHostCertificatesClient(client)[source]#

SSH Host Certificates along with the corresponding private key allows an SSH server to assert its authenticity to connecting SSH clients who trust the SSH Certificate Authority that was used to sign the certificate.

create(ssh_certificate_authority_id, public_key, principals=[], valid_after=datetime.datetime(1, 1, 1, 0, 0), valid_until=datetime.datetime(1, 1, 1, 0, 0), description='', metadata='')[source]#

Create a new SSH Host Certificate

Parameters:

  • ssh_certificate_authority_id (str) – the ssh certificate authority that is used to sign this ssh host certificate

  • public_key (str) – a public key in OpenSSH Authorized Keys format that this certificate signs

  • principals (Sequence[str]) – the list of principals included in the ssh host certificate. This is the list of hostnames and/or IP addresses that are authorized to serve SSH traffic with this certificate. Dangerously, if no principals are specified, this certificate is considered valid for all hosts.

  • valid_after (datetime) – The time when the host certificate becomes valid, in RFC 3339 format. Defaults to the current time if unspecified.

  • valid_until (datetime) – The time when this host certificate becomes invalid, in RFC 3339 format. If unspecified, a default value of one year in the future will be used. The OpenSSH certificates RFC calls this valid_before.

  • description (str) – human-readable description of this SSH Host Certificate. optional, max 255 bytes.

  • metadata (str) – arbitrary user-defined machine-readable data of this SSH Host Certificate. optional, max 4096 bytes.

https://ngrok.com/docs/api#api-ssh-host-certificates-create

Return type:

SSHHostCertificate

delete(id)[source]#

Delete an SSH Host Certificate

Parameters:

id (str) – a resource identifier

https://ngrok.com/docs/api#api-ssh-host-certificates-delete

get(id)[source]#

Get detailed information about an SSH Host Certficate

Parameters:

id (str) – a resource identifier

https://ngrok.com/docs/api#api-ssh-host-certificates-get

Return type:

SSHHostCertificate

list(before_id=None, limit=None)[source]#

List all SSH Host Certificates issued on this account

Parameters:

  • before_id (Optional[str, None]) –

  • limit (Optional[str, None]) –

https://ngrok.com/docs/api#api-ssh-host-certificates-list

Return type:

SSHHostCertificateList

update(id, description=None, metadata=None)[source]#

Update an SSH Host Certificate

Parameters:

  • id (str) –

  • description (Optional[str, None]) – human-readable description of this SSH Host Certificate. optional, max 255 bytes.

  • metadata (Optional[str, None]) – arbitrary user-defined machine-readable data of this SSH Host Certificate. optional, max 4096 bytes.

https://ngrok.com/docs/api#api-ssh-host-certificates-update

Return type:

SSHHostCertificate