Update SSH Security Setting
Updates a single SSH security setting on a VPS. Each request changes exactly one setting.
Request
PUT /api/v1/vps/{id}/ssh/security
Required scope: vps:manage
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id |
string | The VPS ID |
Headers
| Header | Required | Value |
|---|---|---|
Authorization |
Yes | Bearer YOUR_API_KEY |
Content-Type |
Yes | application/json |
Body
| Field | Type | Required | Description |
|---|---|---|---|
setting |
string | Yes | The setting to change |
enabled |
boolean | Yes | Whether to enable/disable the setting |
useHypervisor |
boolean | No | Use hypervisor bypass (see below) |
Available Settings
| Setting | Description |
|---|---|
passwordAuth |
Enable/disable password authentication |
sha1Hmac |
Enable/disable SHA-1 based HMAC algorithms |
hideBanner |
Hide/show SSH version banner |
postQuantumKex |
Enable/disable post-quantum key exchange |
legacyCiphers |
Allow/disallow legacy ciphers (CBC/3DES) |
Hypervisor Bypass
When SSH access is unavailable (e.g. after locking yourself out by disabling password auth without a deposited SSH key), you can set useHypervisor: true. The server will then execute the command via the hypervisor instead of using an SSH connection.
Note: Hypervisor commands may take slightly longer.
Response
{
"data": {
"message": "SSH security setting updated",
"setting": "passwordAuth",
"enabled": false
}
}
Errors
| Status | Code | Description |
|---|---|---|
| 400 | BAD_REQUEST |
Invalid setting name or value |
| 404 | NOT_FOUND |
VPS not found or no access |
| 500 | INTERNAL_ERROR |
SSH command failed — details in error message |
Example
curl -X PUT "https://site.quest/api/v1/vps/699cdea2ab57a244bb5273fd/ssh/security" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"setting": "passwordAuth", "enabled": false}'
MCP
This action is also available via the update_ssh_security MCP tool.