Package com.ngrok.definitions

Class SshUserCertificate

java.lang.Object
com.ngrok.definitions.SshUserCertificate
public class SshUserCertificate extends Object
A class encapsulating the SshUserCertificate resource.

  • Constructor Details

    • SshUserCertificate

      public SshUserCertificate(String id, URI uri, OffsetDateTime createdAt, String description, String metadata, String publicKey, String keyType, String sshCertificateAuthorityId, List<String> principals, Map<String,String> criticalOptions, Map<String,String> extensions, OffsetDateTime validAfter, OffsetDateTime validUntil, String certificate)
      Creates a new instance of SshUserCertificate.
      Parameters:
      id - unique identifier for this SSH User Certificate
      uri - URI of the SSH User Certificate API resource
      createdAt - timestamp when the SSH User Certificate API resource was created, RFC 3339 format
      description - human-readable description of this SSH User Certificate. optional, max 255 bytes.
      metadata - arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes.
      publicKey - a public key in OpenSSH Authorized Keys format that this certificate signs
      keyType - the key type of the public_key, one of rsa, ecdsa or ed25519
      sshCertificateAuthorityId - the ssh certificate authority that is used to sign this ssh user certificate
      principals - the list of principals included in the ssh user certificate. This is the list of usernames that the certificate holder may sign in as on a machine authorizing the signing certificate authority. Dangerously, if no principals are specified, this certificate may be used to log in as any user.
      criticalOptions - A map of critical options included in the certificate. Only two critical options are currently defined by OpenSSH: force-command and source-address. See the OpenSSH certificate protocol spec for additional details.
      extensions - A map of extensions included in the certificate. Extensions are additional metadata that can be interpreted by the SSH server for any purpose. These can be used to permit or deny the ability to open a terminal, do port forwarding, x11 forwarding, and more. If unspecified, the certificate will include limited permissions with the following extension map: {"permit-pty": "", "permit-user-rc": ""} OpenSSH understands a number of predefined extensions. See the OpenSSH certificate protocol spec for additional details.
      validAfter - the time when the ssh host certificate becomes valid, in RFC 3339 format.
      validUntil - the time after which the ssh host certificate becomes invalid, in RFC 3339 format. the OpenSSH certificates RFC calls this valid_before.
      certificate - the signed SSH certificate in OpenSSH Authorized Keys Format. this value should be placed in a -cert.pub certificate file on disk that should be referenced in your sshd_config configuration file with a HostCertificate directive

  • Method Details

    • getId

      public String getId()
      unique identifier for this SSH User Certificate
      Returns:
      the value of the property as a String

    • getUri

      public URI getUri()
      URI of the SSH User Certificate API resource
      Returns:
      the value of the property as a URI

    • getCreatedAt

      public OffsetDateTime getCreatedAt()
      timestamp when the SSH User Certificate API resource was created, RFC 3339 format
      Returns:
      the value of the property as a OffsetDateTime

    • getDescription

      public String getDescription()
      human-readable description of this SSH User Certificate. optional, max 255 bytes.
      Returns:
      the value of the property as a String

    • getMetadata

      public String getMetadata()
      arbitrary user-defined machine-readable data of this SSH User Certificate. optional, max 4096 bytes.
      Returns:
      the value of the property as a String

    • getPublicKey

      public String getPublicKey()
      a public key in OpenSSH Authorized Keys format that this certificate signs
      Returns:
      the value of the property as a String

    • getKeyType

      public String getKeyType()
      the key type of the public_key, one of rsa, ecdsa or ed25519
      Returns:
      the value of the property as a String

    • getSshCertificateAuthorityId

      public String getSshCertificateAuthorityId()
      the ssh certificate authority that is used to sign this ssh user certificate
      Returns:
      the value of the property as a String

    • getPrincipals

      public List<String> getPrincipals()
      the list of principals included in the ssh user certificate. This is the list of usernames that the certificate holder may sign in as on a machine authorizing the signing certificate authority. Dangerously, if no principals are specified, this certificate may be used to log in as any user.
      Returns:
      the value of the property as a List of String

    • getCriticalOptions

      public Map<String,String> getCriticalOptions()
      A map of critical options included in the certificate. Only two critical options are currently defined by OpenSSH: force-command and source-address. See the OpenSSH certificate protocol spec for additional details.
      Returns:
      the value of the property as a Map of String to String

    • getExtensions

      public Map<String,String> getExtensions()
      A map of extensions included in the certificate. Extensions are additional metadata that can be interpreted by the SSH server for any purpose. These can be used to permit or deny the ability to open a terminal, do port forwarding, x11 forwarding, and more. If unspecified, the certificate will include limited permissions with the following extension map: {"permit-pty": "", "permit-user-rc": ""} OpenSSH understands a number of predefined extensions. See the OpenSSH certificate protocol spec for additional details.
      Returns:
      the value of the property as a Map of String to String

    • getValidAfter

      public OffsetDateTime getValidAfter()
      the time when the ssh host certificate becomes valid, in RFC 3339 format.
      Returns:
      the value of the property as a OffsetDateTime

    • getValidUntil

      public OffsetDateTime getValidUntil()
      the time after which the ssh host certificate becomes invalid, in RFC 3339 format. the OpenSSH certificates RFC calls this valid_before.
      Returns:
      the value of the property as a OffsetDateTime

    • getCertificate

      public String getCertificate()
      the signed SSH certificate in OpenSSH Authorized Keys Format. this value should be placed in a -cert.pub certificate file on disk that should be referenced in your sshd_config configuration file with a HostCertificate directive
      Returns:
      the value of the property as a String

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object