Get SSH Security Status
Returns the SSH security settings of a VPS, including password authentication, HMAC algorithms, banner visibility, post-quantum key exchange and legacy cipher status.
Request
GET /api/v1/vps/{id}/ssh/security
Required scope: vps:read
Path Parameters
| Parameter |
Type |
Description |
id |
string |
The VPS ID |
Headers
| Header |
Required |
Value |
Authorization |
Yes |
Bearer YOUR_API_KEY |
Response
{
"data": {
"passwordAuth": true,
"sha1HmacEnabled": false,
"bannerHidden": true,
"bannerSupported": true,
"postQuantumKexEnabled": true,
"legacyCiphersEnabled": false,
"postQuantumSupported": true,
"opensshVersion": "9.2p1",
"opensshPackageVersion": "1:9.2p1-2+deb12u3",
"opensshLatestAvailable": "1:9.2p1-2+deb12u3",
"updateAvailable": false,
"readViaSSH": true
}
}
Response Fields
| Field |
Type |
Description |
passwordAuth |
boolean |
Whether password authentication is enabled |
sha1HmacEnabled |
boolean |
Whether SHA-1 based HMAC algorithms are enabled |
bannerHidden |
boolean |
Whether the SSH version banner is hidden |
bannerSupported |
boolean |
Whether banner hiding is supported on this OS |
postQuantumKexEnabled |
boolean |
Whether post-quantum key exchange is enabled |
legacyCiphersEnabled |
boolean |
Whether legacy ciphers (CBC/3DES) are allowed |
postQuantumSupported |
boolean |
Whether the installed OpenSSH supports post-quantum KEX |
opensshVersion |
string |
Installed OpenSSH version |
opensshPackageVersion |
string |
Installed package version |
opensshLatestAvailable |
string |
Latest available package version |
updateAvailable |
boolean |
Whether an update is available |
readViaSSH |
boolean |
Whether status was read via SSH (false = defaults/unknown) |
Errors
| Status |
Code |
Description |
| 404 |
NOT_FOUND |
VPS not found or no access |
Example
curl "https://site.quest/api/v1/vps/699cdea2ab57a244bb5273fd/ssh/security" \
-H "Authorization: Bearer YOUR_API_KEY"
MCP
This action is also available via the ssh_security MCP tool.