Jackie_T
Staff
Article Id 304916
Description

This article describes how to resolve an issue where, when trying to import the private key into FortiOS (for example, an SSH proxy local-key), an error appears due to an incorrect format.

Scope

FortiOS.
Solution

Windows 10 and Windows 11 include a built-in ssh-keygen that can be used to generate an SSH public and private key pair.

  • Open CMD in Windows and enter ssh-keygen.
  • Generated keys will be saved under the C:\Users\username\.ssh\ path by default. This can be modified as needed.
  • Enter the password for the private key and save it somewhere safe. It will be used when importing the private key into FortiOS.
  • A key created with the default settings in Windows 10 is SHA256 with RSA 3072-bit.
  • Different key algorithms are also available. See the GitHub docs for more information.
  • Two files will be generated. The first file is the private key and the second file is the public key.
  • Use Notepad++ to open each file and copy its contents to FortiOS in the following configuration:

config firewall ssh local-key
    edit <name>
        set password {password}    <- The private key password.
        set private-key {user}     <- Private key.
        set public-key {user}      <- Public key.
        set source [built-in|user]
    next
end

  • Enter the public key with opening and closing quotation marks ("").
  • Enter the private key with opening and closing quotation marks ("").
  • An error appears when the private key is entered.
  • This is because the generated private key contains multiple line breaks. The '>' symbol indicates a line break.
  • FortiOS can only accept the key format in a single line.
  • Remove the line breaks in the private key and paste it again.
  • The private key is now set up successfully.
  • To view the full SSH key setting, run the 'get' command.
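
The line-break removal described above can be scripted instead of done by hand in Notepad++. The following PowerShell is an added example, not Fortinet code: the function names and the sample key are constructed, and it assumes that "single line" means every line break is removed, including those next to the BEGIN and END marker lines. It also reads the cipher field of an OpenSSH-format key to confirm that the key is password protected before it is pasted.

```powershell
# Added example, not Fortinet code. Function names and the sample key are constructed.

function ConvertTo-SingleLineKey {
    # Removes every CR/LF so the pasted value never triggers the '>' prompt.
    param([Parameter(Mandatory)][string]$KeyText)
    return ($KeyText.Trim() -replace '[\r\n]+', '')
}

function Get-OpenSshKeyCipher {
    # Returns the cipher name stored in an OpenSSH-format private key.
    # 'none' means the key has no password.
    param([Parameter(Mandatory)][string]$KeyText)
    $body = ($KeyText -split '\r?\n' |
             Where-Object { $_ -and $_ -notmatch '^-----' }) -join ''
    $bytes = [Convert]::FromBase64String($body)
    if ([Text.Encoding]::ASCII.GetString($bytes, 0, 14) -ne 'openssh-key-v1') {
        throw 'Not an OpenSSH-format private key.'
    }
    # Layout: 14-byte magic, NUL, 4-byte big-endian length, cipher name.
    $len = ([int]$bytes[15] -shl 24) -bor ([int]$bytes[16] -shl 16) -bor
           ([int]$bytes[17] -shl 8) -bor [int]$bytes[18]
    return [Text.Encoding]::ASCII.GetString($bytes, 19, $len)
}

# Constructed sample: a fake key body that carries only the header fields,
# wrapped at 70 columns the way ssh-keygen writes the file.
$raw = [byte[]]([Text.Encoding]::ASCII.GetBytes('openssh-key-v1') + (0, 0, 0, 0, 10) +
       [Text.Encoding]::ASCII.GetBytes('aes256-ctr') + (New-Object byte[] 90))
$wrapped = [Convert]::ToBase64String($raw) -split '(.{70})' | Where-Object { $_ }
$sample  = (@('-----BEGIN OPENSSH PRIVATE KEY-----') + $wrapped +
            '-----END OPENSSH PRIVATE KEY-----') -join "`r`n"
# For a real key (file name is an assumption):
#   $sample = Get-Content -Raw "$env:USERPROFILE\.ssh\id_rsa"

$cipher = Get-OpenSshKeyCipher -KeyText $sample
if ($cipher -eq 'none') {
    Write-Warning 'Key has no password; generate it again with one.'
}
$line = ConvertTo-SingleLineKey -KeyText $sample

# Report metadata only; the key itself is not written to the console.
"cipher={0}  line breaks before={1}  after={2}" -f $cipher,
    ([regex]::Matches($sample, '\n').Count), ([regex]::Matches($line, '\n').Count)
```

The script prints only the cipher name and line-break counts. Output `$line` only in a session that is not being logged or transcribed, since it contains the private key.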