Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
jngouo_FTNT
Staff
Staff

Created on ‎05-30-2016 03:34 PM Edited on ‎01-14-2025 07:39 AM By Moderator

Article Id 194583

Technical Tip: How to authenticate an admin user to FortiAnalyzer or FortiManager through the CLI using only SSH keys

Description

 

In FortiManager and FortiAnalyzer, up to three administrators connected to the CLI can be authenticated with public-private key pairs without being asked for the administrator password. The public-private key pair must be created in the SSH client application. This article explains how to generate the key pair using PuTTYgen and how to specify the public key in FortiManager or FortiAnalyzer.


Scope

 

FortiManager and FortiAnalyzer, version 4 or later.

 

Solution

 

Follow the steps used to authenticate an admin user with an SSH key in FortiGate, but select between the SSH-1(RSA), SSH-2RSA or SSH-2 DSA formats when creating the key.

Complete the CLI configuration steps in FortiManager or FortiAnalyzer under the following:

 

config sys admin user

    edit <Username>

        set ssh-public-key1 "...."

 

Do so with a key in one of the three formats mentioned above instead of in the ssh-rsa, ssh-dss, or ssh-ed25519 formats.

 

Related article:

How to generate ssh keys on Linux host and use it for public-private key authentication to FortiGate 

11660
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.