SSH

Enable SSH

from gravixlayer import GravixLayer
from pathlib import Path
import os

client = GravixLayer()
runtime = client.runtime.create(template="python-3.12-base-small")

ssh = client.runtime.enable_ssh(runtime.runtime_id)

print(ssh.enabled)      # True
print(ssh.username)     # e.g. "user"
print(ssh.port)         # e.g. 22
print(ssh.connect_cmd)  # Full ssh command

# Save the private key locally
if ssh.private_key:
    key_path = Path.home() / f".gravixlayer-{runtime.runtime_id}.pem"
    key_path.write_text(ssh.private_key, encoding="utf-8")
    os.chmod(key_path, 0o600)

client.runtime.kill(runtime.runtime_id)

Parameters

Parameter	Type	Required	Description
`runtime_id`	string	Yes	Runtime identifier
`regenerate_keys`	boolean	No	Regenerate SSH keys (default `False`)

Response

Field	Type	Description
`runtime_id`	string	Runtime identifier
`enabled`	boolean	SSH enabled status
`port`	integer	SSH port
`username`	string	SSH username
`connect_cmd`	string	Full SSH command
`private_key`	string	PEM-encoded private key
`public_key`	string	Public key
`ssh_config`	string	SSH config block
`message`	string	Status message

Store private keys securely and set file permissions to 600.

Disable SSH

from gravixlayer import GravixLayer

client = GravixLayer()
runtime = client.runtime.create(template="python-3.12-base-small")

client.runtime.enable_ssh(runtime.runtime_id)

# Check status
status = client.runtime.ssh_status(runtime.runtime_id)
print(status.enabled)  # True

# Disable SSH
client.runtime.disable_ssh(runtime.runtime_id)

# Verify
status = client.runtime.ssh_status(runtime.runtime_id)
print(status.enabled)  # False

client.runtime.kill(runtime.runtime_id)

Parameters

Parameter	Type	Required	Description
`runtime_id`	string	Yes	Runtime identifier

Disable SSH as soon as interactive access is no longer needed.

Key Rotation

Rotate keys when credentials may have been exposed, or as part of regular security policy.

from gravixlayer import GravixLayer
from pathlib import Path
import os

client = GravixLayer()
runtime = client.runtime.create(template="python-3.12-base-small")

# Enable SSH
initial = client.runtime.enable_ssh(runtime.runtime_id)
print("Initial connect:", initial.connect_cmd)

# Rotate keys
rotated = client.runtime.enable_ssh(runtime.runtime_id, regenerate_keys=True)
print("New connect:", rotated.connect_cmd)

# Save the new private key
if rotated.private_key:
    key_path = Path.home() / f".gravixlayer-{runtime.runtime_id}.pem"
    key_path.write_text(rotated.private_key, encoding="utf-8")
    os.chmod(key_path, 0o600)

client.runtime.kill(runtime.runtime_id)

Recommended Flow

Call enable_ssh with regenerate_keys=True.
Save the new private key securely (permissions 600).
Remove old local key files.
Verify access using the new connect_cmd.

Getting Started

Agent Runtime

Integrations

Support

Enable SSH

Parameters

Response

Disable SSH

Parameters

Key Rotation

Recommended Flow

Getting Started

Agent Runtime

Integrations

Support

​Enable SSH

​Parameters

​Response

​Disable SSH

​Parameters

​Key Rotation

​Recommended Flow

Enable SSH

Parameters

Response

Disable SSH

Parameters

Key Rotation

Recommended Flow