Skip to main content
POST
/
v1
/
ssh-keys
curl -X POST https://gpuoutlet.ai/v1/ssh-keys \
  -H "Content-Type: application/json" \
  --cookie "sid=$SID" \
  -d "$(jq -n --arg name macbook-2026 --arg pub "$(cat ~/.ssh/id_ed25519.pub)" \
        '{name: $name, publicKey: $pub}')"

{
  "id": "key_01H...",
  "name": "macbook-2026",
  "fingerprint": "SHA256:Z9d...",
  "algorithm": "ssh-ed25519",
  "createdAt": "2026-06-07T08:14:22Z"
}
name
string
required
Human label, max 64 chars. Doesn’t have to be unique.
publicKey
string
required
Full public-key string from ~/.ssh/id_ed25519.pub or equivalent — the whole line starting ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp..., etc.
id
string
name
string
fingerprint
string
algorithm
string
createdAt
string
curl -X POST https://gpuoutlet.ai/v1/ssh-keys \
  -H "Content-Type: application/json" \
  --cookie "sid=$SID" \
  -d "$(jq -n --arg name macbook-2026 --arg pub "$(cat ~/.ssh/id_ed25519.pub)" \
        '{name: $name, publicKey: $pub}')"

{
  "id": "key_01H...",
  "name": "macbook-2026",
  "fingerprint": "SHA256:Z9d...",
  "algorithm": "ssh-ed25519",
  "createdAt": "2026-06-07T08:14:22Z"
}

Validation

Server-side:
  • Parses the public-key string with a real SSH key parser
  • Rejects RSA < 2048
  • Rejects DSA entirely
  • Accepts Ed25519, RSA ≥ 2048, ECDSA P-256 / P-384 / P-521
  • Computes SHA256 fingerprint
  • Checks for duplicate-by-fingerprint against the user’s existing keys

What happens after

Every subsequent POST /v1/rentals will include this key in the pod’s authorized_keys. Already-running pods do NOT get the key retroactively — they snapshot the user’s key list at launch time.