{"id":1250,"date":"2017-11-09T04:56:38","date_gmt":"2017-11-09T02:56:38","guid":{"rendered":"https:\/\/community.virtono.com\/?p=1250"},"modified":"2018-10-26T13:21:28","modified_gmt":"2018-10-26T10:21:28","slug":"restrict-executable-ssh-commands-with-authorized-keys","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/","title":{"rendered":"Restrict executable SSH commands with authorized keys"},"content":{"rendered":"<p>The\u00a0<b>OpenSSH<\/b>\u00a0Secure Shell Server provides secure, encrypted remote access to <a href=\"https:\/\/www.virtono.com\/linux-vps\">Linux and Unix systems<\/a>.\u00a0The server side is the file\u00a0<b>authozired_keys<\/b>\u00a0in\u00a0<i>.ssh<\/i>\u00a0a user&#8217;s primary folder to configure a\u00a0public-key authentication\u00a0.\u00a0Normally, a user gets\u00a0<b>full access<\/b>\u00a0to the system where the authentication was set up.\u00a0However, in some cases, such as automated backup operations, it makes sense to restrict access to a few or even a single\u00a0<b>command<\/b>\u00a0.\u00a0The required configuration steps are explained in this article.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/#Usage\" title=\"Usage\">Usage<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/#Restrict_to_single_command_in_authorized_keys\" title=\"Restrict to single command in authorized_keys\">Restrict to single command in authorized_keys<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/#Analyze_the_executed_command_on_the_SSH_server\" title=\"Analyze the executed command on the SSH server\">Analyze the executed command on the SSH server<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/restrict-executable-ssh-commands-with-authorized-keys\/#Restrict_to_multiple_commands_in_authorized_keys\" title=\"Restrict to multiple commands in authorized_keys\">Restrict to multiple commands in authorized_keys<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Usage\"><\/span><span id=\"Verwendungszweck\" class=\"mw-headline\">Usage<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The restriction of SSH-executable commands is mainly used for automated backup operations or backups.\u00a0In most cases, dedicated backup users have a private key with no key phrase or key phrase to perform automated backups.\u00a0At the backup destination server, this user&#8217;s public key is placed in the\u00a0<i>authorized_keys<\/i>\u00a0file\u00a0so that it can connect without entering a password.\u00a0Actually, from this point on, the user would have full access to the backup server, even though he always\u00a0calls\u00a0only the command\u00a0<i>rsync<\/i>\u00a0.<\/p>\n<p>A command restriction for the user prevents the backup server from being automatically compromised if the private key is compromised.\u00a0Since the user is restricted to a command in the\u00a0<i>authorized_keys<\/i>\u00a0file, he must not execute any other command or set up a terminal session via SSH.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Restrict_to_single_command_in_authorized_keys\"><\/span><span id=\"Auf_einzelnes_Kommando_in_authorized_keys_einschr.C3.A4nken\" class=\"mw-headline\">Restrict to single command in authorized_keys<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The file\u00a0<b>\/~\/.ssh\/authorized_keys contains<\/b>\u00a0the public key of the user who is allowed to connect (sa\u00a0public-key authentication\u00a0):<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ cat .ssh \/ authorized_keys \r\nssh-rsa AAAAB3NzaC1yc2EAAAAAABABAAABAQCj98R <span class=\"o\">[<\/span> ... <span class=\"o\">]<\/span>\r\n<\/pre>\n<\/div>\n<p>In order to limit the user to a single command, the parameter\u00a0<b>command = is entered<\/b>\u00a0before the key.\u00a0Thereafter, when attempting to set up an SSH connection, only this command is always executed, even if, for example, another command was transferred.\u00a0In the following example the user\u00a0<i>dailybackup is restricted<\/i>to the command\u00a0<i>date<\/i>\u00a0for demonstration\u00a0purposes.\u00a0For this purpose, the parameter\u00a0<i>command = date is<\/i>\u00a0defined\u00a0on the SSH server\u00a0:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ cat .ssh \/ authorized_keys \r\n <span class=\"nv\">command <\/span><span class=\"o\">= <\/span><span class=\"s2\">\"date\"<\/span> ssh-rsa AAAA <span class=\"o\">[<\/span> ... <span class=\"o\">]<\/span>\r\n<\/pre>\n<\/div>\n<p>From the client computer, which connects to the server via SSH, then only the command\u00a0<i>date is<\/i>\u00a0executable for the user:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ ssh dailybackup@192.168.56.105\r\nWed Apr <span class=\"m\">30<\/span> 14:46:53 CEST 2014\r\nConnection to 192.168.56.105 closed.\r\n: ~ $ ssh dailybackup@192.168.56.105 <span class=\"s2\">\"tail \/ etc \/ passwd\"<\/span> \r\nWed Apr <span class=\"m\">30<\/span> 14:47:02 CEST 2014\r\n<\/pre>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"Analyze_the_executed_command_on_the_SSH_server\"><\/span><span id=\"Ausgef.C3.BChrtes_Kommando_am_SSH-Server_analysieren\" class=\"mw-headline\">Analyze the executed command on the SSH server<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The analysis of which command\u00a0must be\u00a0entered in\u00a0<i>authorized_keys<\/i>\u00a0is\u00a0<i>made<\/i>\u00a0easier\u00a0by the environment variable\u00a0<i>$ SSH_ORIGINAL_COMMAND<\/i>\u00a0:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre><span class=\"nv\">command <\/span><span class=\"o\">= <\/span><span class=\"s2\">\"\/ bin \/ echo You invoked:<\/span> $ <span class=\"s2\">SSH_ORIGINAL_COMMAND\"<\/span> ssh-rsa AAAAB <span class=\"o\">[<\/span> .. <span class=\"o\">]<\/span>\r\n<\/pre>\n<\/div>\n<p>When a command is called from the client, the command executed on the server is output for analysis purposes:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ ssh dailybackup@192.168.56.105 tail \/ etc \/ passwd\r\nYou invoked: tail \/ etc \/ passwd\r\n<\/pre>\n<\/div>\n<p>However, some commands, such as\u00a0<i>rsync,<\/i>\u00a0cause\u00a0an error message\u00a0in the above\u00a0<i>command<\/i>\u00a0.\u00a0However, in a roundabout way with the help of a script on the SSH server, it also comes to the command executed:\u00a0<sup id=\"cite_ref-sshdef_1-1\" class=\"reference\">[1]<\/sup><\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ vi logssh.sh\r\n <span class=\"c1\">#! \/ bin \/ sh <\/span>\r\n<span class=\"k\">if <\/span> <span class=\"o\">[<\/span> -n <span class=\"s2\">\"<\/span> $ <span class=\"s2\">SSH_ORIGINAL_COMMAND\" <\/span> <span class=\"o\">] <\/span>\r\n<span class=\"k\">then <\/span>\r\n  <span class=\"nb\">echo <\/span> <span class=\"s2\">\"` \/ bin \/ date \":<\/span> $ <span class=\"s2\">SSH_ORIGINAL_COMMAND\"<\/span> &gt;&gt; $ HOME \/ ssh-command-log\r\n   <span class=\"nb\">exec<\/span> $ SSH_ORIGINAL_COMMAND\r\n <span class=\"k\">fi<\/span>\r\n: ~ $ vi .ssh \/ authorized_keys\r\n<span class=\"nv\">command <\/span><span class=\"o\">= <\/span><span class=\"s2\">\"\/home\/dailybackup\/logssh.sh\"<\/span> ssh-rsa AAAAB3N <span class=\"o\">[<\/span> ... <span class=\"o\">]<\/span>\r\n<\/pre>\n<\/div>\n<p>The client then calls rsync:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ \/ tmp $ rsync -avz test.txt dailybackup@192.168.56.105: \/home\/dailybackup\r\nsending incremental file list\r\n<span class=\"o\">[<\/span> ... <span class=\"o\">]<\/span>\r\n<\/pre>\n<\/div>\n<p>On the SSH server, the command executed via SSH appears in the log file.\u00a0This command can then be used again via\u00a0<i>command =<\/i>\u00a0for restriction:<\/p>\n<div class=\"mw-highlight mw-content-ltr\" dir=\"ltr\">\n<pre>: ~ $ cat ssh-command-log \r\nWed Apr <span class=\"m\">30<\/span> 15:10:54 CEST 2014: rsync --server -vlogDtprze.iLsf. \/ home \/ daily backup\r\n<\/pre>\n<\/div>\n<p><b>Note:<\/b>\u00a0Problems with output redirects can be used instead\u00a0<code>exec<\/code>\u00a0<code>eval<\/code>.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Restrict_to_multiple_commands_in_authorized_keys\"><\/span><span id=\"Auf_mehrere_Kommandos_in_authorized_keys_einschr.C3.A4nken\" class=\"mw-headline\">Restrict to multiple commands in authorized_keys<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Basically, additional scripts allow you to allow multiple commands for a key pair.<\/p>\n<p>However, for the greatest possible security, it is easier to generate a separate key pair for each desired command and to store the corresponding command.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The\u00a0OpenSSH\u00a0Secure Shell Server provides secure, encrypted remote access to Linux and Unix systems.\u00a0The server side is the file\u00a0authozired_keys\u00a0in\u00a0.ssh\u00a0a user&#8217;s primary folder to configure a\u00a0public-key authentication\u00a0.\u00a0Normally, a user gets\u00a0full access\u00a0to the system where the authentication was set up.\u00a0However, in some cases, such as automated backup operations, it makes sense to restrict<\/p>\n","protected":false},"author":3,"featured_media":1251,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[3],"tags":[],"class_list":["post-1250","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorial-how-to"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/Putty2_1.png?fit=675%2C424&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-ka","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":3330,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-ssh-keys-on-ubuntu-20-04\/","url_meta":{"origin":1250,"position":0},"title":"How to Set Up SSH Keys on Ubuntu 20.04","author":"George B.","date":"April 27, 2023","format":false,"excerpt":"In this tutorial, we will learn how to set up SSH keys on Ubuntu 20.04. Secure Shell (SSH) is a protocol used to securely connect to a remote server or computer. It provides a secure way to transfer files, execute remote commands, and manage remote systems. SSH keys are a\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Set-Up-SSH-Keys-on-Ubuntu-20.04.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1158,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/openssh-public-key-authentication-under-ubuntu\/","url_meta":{"origin":1250,"position":1},"title":"OpenSSH public key authentication under Ubuntu","author":"Shreyash Sharma","date":"October 24, 2017","format":false,"excerpt":"This article shows how\u00a0SSH access is\u00a0configured\u00a0for\u00a0public-key\u00a0authentication\u00a0.\u00a0To do so, a key pair is created on the client, the public part of the keys are transferred to the server, and the server is set up for key authentication.\u00a0The user can log on to the server without a login password, only the password\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1253,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/unlock-full-encrypted-system-via-ssh\/","url_meta":{"origin":1250,"position":2},"title":"Unlock full-encrypted system via SSH","author":"Daniel Draga","date":"November 9, 2017","format":false,"excerpt":"A complete encryption of your own system is an excellent way to ensure the confidentiality of your own data.\u00a0The current Ubuntu installer offers a guided installation to encrypt the entire system with \"\u00a0encrypted LVMs\u00a0\".\u00a0For both the automated installation and the manual way, there are numerous detailed guides that explain the\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/dropbear-logo-walking_700_726_FFFFFF_c1.jpg?fit=700%2C726&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":3176,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-change-ssh-port-on-linux-or-unix\/","url_meta":{"origin":1250,"position":3},"title":"How to Change SSH Port on Linux or Unix","author":"George B.","date":"April 6, 2023","format":false,"excerpt":"By default, SSH listens on port 22, if you want to change SSH port to a non-standard port can help enhance server security by making it harder for attackers to find and exploit SSH vulnerabilities. In this article, we will walk through the process of changing the SSH port on\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-Change-SSH-Port-on-Linux-or-Unix.png?fit=600%2C340&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":3595,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/how-to-protect-your-server-against-brute-force-attacks\/","url_meta":{"origin":1250,"position":4},"title":"How to Protect Your Server Against Brute Force Attacks","author":"George B.","date":"June 23, 2023","format":false,"excerpt":"Introduction Brute force attacks are one of the most common threats that server administrators face. This guide is designed to provide you with the knowledge and strategies you need to protect your server from brute force attacks. What is a Server Brute Force Attack A server brute force attack is\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Protect-Your-Server-Against-Brute-Force-Attacks.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1156,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/ssh-root-forbid-login-under-debian\/","url_meta":{"origin":1250,"position":5},"title":"SSH root forbid login under Debian","author":"Shreyash Sharma","date":"October 23, 2017","format":false,"excerpt":"If you want to ban direct SSH root login on Debian, you need at least one additional user who can log on to the server, in addition to the root user.\u00a0Use this user to change to the root account. ATTENTION:\u00a0If you have not created another user, you lock yourself out\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/ssh_installer_2.jpg?fit=638%2C478&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1250","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=1250"}],"version-history":[{"count":3,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1250\/revisions"}],"predecessor-version":[{"id":1489,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1250\/revisions\/1489"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/1251"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=1250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=1250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=1250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}