Mint certificate-backed OpenSSH relay access

import requests url = "https://api.13-215-85-171.sslip.io/v1/sandboxes/{id}/ssh-access" payload = { "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA... user@example" } headers = { "Authorization": "Bearer <token>", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.text)

{ "certificate": "<string>", "host": "ssh.nullspace.io", "port": 22, "user": "root", "expires_at": "2023-11-07T05:31:56Z", "access_id": "<string>", "command": "<string>", "host_key": "<string>" }

Authorizations

Authorization

string

header

required

API key passed as Bearer token

Path Parameters

string

required

Sandbox ID (e.g. sb_a1b2c3d4)

Body

application/json

public_key

string

required

OpenSSH public key to certify for relay login.

Example:

"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA... user@example"

user

string

default:root

Sandbox user to request in the certificate.

ttl_seconds

integer<uint64>

Requested certificate lifetime in seconds.

Required range: 1 <= x <= 3600

expires_in_minutes

integer<uint64>

SDK-compatible requested certificate lifetime in minutes.

Required range: 1 <= x <= 60

Response

SSH access material and generated OpenSSH command

certificate

string

required

OpenSSH user certificate for the submitted public key.

host

string

required

Public SSH relay hostname.

Example:

"ssh.nullspace.io"

port

integer<uint16>

required

Public SSH relay port.

Example:

22

user

string

required

Sandbox user encoded as a certificate principal.

Example:

"root"

expires_at

string<date-time>

required

Certificate expiration time.

access_id

string

required

Revocable access grant identifier. Treat as sensitive in logs.

command

string

required

Best-effort OpenSSH command for manual use.

host_key

string | null

Relay host public key for known_hosts pinning when configured.