Created on 05-30-2016 03:34 PM Edited on 01-14-2025 07:39 AM By Stephen_G
Description
In FortiManager and FortiAnalyzer, up to three administrators connected to the CLI can be authenticated with public-private key pairs without being asked for the administrator password. The public-private key pair must be created in the SSH client application. This article explains how to generate the key pair using PuTTY
Scope
FortiManager and FortiAnalyzer, version 4 or later.
Solution
Follow the steps used to authenticate an admin user with an SSH key in FortiGate, but select between the SSH-1(RSA), SSH-2RSA or SSH-2 DSA formats when creating the key.
Complete the CLI configuration steps in FortiManager or FortiAnalyzer under the following:
config sys admin user
edit <Username>
set ssh-public-key1 "...."
Do so with a key in one of the three formats mentioned above instead of in the ssh-rsa, ssh-dss, or ssh-ed25519 formats.
Related article:
How to generate ssh keys on Linux host and use it for public-private key authentication to FortiGate