FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
duenlim
Staff
Staff
Article Id 228196
Description This article describes how to proceed when SSH login log show failed with 'ssh_key_invalid' error messages but authentication succeeds.
Solution

This issue can occur after upgrading to FortiOS v6.4.10 when uses ssh commands such as 'ssh username@host.nowhere.com'.


SSH login log show 'ssh_key_invalid' but after five seconds event log show successful'.

 

To provide guidance on how to collect debug log:


1) Connect to the equipment via SSH and save the session logs as debug.log. If PuTTY is used, follow this guide for reference:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-usin...

 

# diagnose debug application sshd -1


# diagnose debug app fnbamd -1

 

# diagnose debug console timestamp enable

 

# diagnose debug enable

 

Note: To disable the debug, run 'diagnose debug disable'.

 

2) Connect to the equipment via SSH and save the session logs as sniffer.log.

 

# diagnose sniffer packet any "host x.x.x.x" 6 0 l <- l is small letter of L

 

Note: x.x.x.x is the ssh client IP address.

 

3) Collect the ssh login event log.

 

SSH login will try to authenticate through pubkey first and then password if that fails.


Set the pubkey correctly or when using ssh use an option like '-o PubkeyAuthentication=no'.

 

If the problem continues, contact Fortinet support.