Validate remote server's SSH credentials

This function checks the SSH credentials on the remote server.

Authentication

There are several methods that you can use to authenticate a transfer session with the remote server.

PermitRootLogin=Yes

The simplest authentication method is to use the root user and password. To do this, the sshd_config file on the remote server must contain the following value: PermitRootLogin=Yes

The following table displays the correct parameters and values for this authentication method:

Parameter Value
user root
password root's password.

You can also use the SSH Public Key to authenticate the root user. If the SSH Public Key is encrypted, include the SSH Key's passphrase.

The following table displays the correct parameters and values for this authentication method:

Parameter Value if the SSH Key is not encrypted Value if the SSH Key is encrypted
user root root
sshkey_name root's SSH key name. root's SSH key name.
sshkey_passphrase (none) root's SSH key passphrase.

PermitRootLogin=No

Many server administrators do not permit direct root logins on their servers.

  • If the remote server contains PermitRootLogin=No in the sshd_configfile, then you must use another user and their password on the remote server, and then escalate to root.
  • If the system administrator used WHM's Manage Wheel Group Users interface (WHM >> Home >> Security Center >> Manage Wheel Group Users) to grant the user su access, then you will need to specify su and the root password.
  • If the user has sudo access, you do not need the root password.

The following table displays the correct parameters and values for this authentication method:

Parameter Value if the user has sudo access Value if the user has su access
user The user's username. The user's username.
password The user's password. The user's password.
root_escalation_method sudo su
root_password (none) root's password.

You can also use an SSH Public Key instead of a password to authenticate that user. If the SSH Public Key is encrypted, include the SSH Key's passphrase.

The following table displays the correct parameters and values for this authentication method:

Parameter sudo su
user The user's username. The user's username.
sshkey_name The user's SSH key name. The user's SSH key name.
sshkey_passphrase (If encrypted) The user's SSH key passphrase. The user's SSH key passphrase.
root_escalation_method sudo su
root_password (none) root's password.
Authorizations:
query Parameters
required
string or string

The remote server's hostname or IP address.

Example: host=192.168.0.0
user
required
string <username>

The username to use to connect to the remote server.

Example: user=root
password
string

The username's password.

Example: password=123456luggage
port
integer [ 1 .. 65535 ]
Default: 22

The remote server's SSH port number.

Example: port=22
root_escalation_method
string

The escalation method to use to connect to the remote server.

  • su
  • sudo

Note:

Use this parameter if PermitRootLogin=No in the remote server's sshd_config file.

Enum: "su" "sudo"
Example: root_escalation_method=sudo
root_password
string

root's password on the remote server.

Note:

Use this parameter if PermitRootLogin=No in the remote server's sshd_config file and the root_escalation_method value is set to su.

Example: root_password=123456luggage
sshkey_name
string

The SSH key's name.

Note:

SSH keys are available in WHM's Manage root's SSH Keys interface (WHM >> Home >> Security Center >> Manage root’s SSH Keys).

Example: sshkey_name=FrancisScott
sshkey_passphrase
string

The SSH key's passphrase.

Note:

Use this parameter if the SSH Key is encrypted.

Example: sshkey_passphrase=kkwtoowoygidsa

Responses

Response Schema: application/json
object
object

Request samples

whmapi1 --output=jsonpretty \
  remote_basic_credential_check \
  host='192.168.0.0' \
  user='root'

Response samples

Content type
application/json
{
  • "data": {
    • "output": "Basic credential check…\nDone\n",
    • "response": "basic credential check\n"
    },
  • "metadata": {
    • "command": "remote_basic_credential_check",
    • "reason": "Success",
    • "result": 1,
    • "version": 1
    }
}