FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
This article describes how to enable backend-shell access in FortiManager/FortiAnalyzer.
Sometimes, it is necessary to log in to the FortiManager/FortiAnalyzer backend shell to execute some commands, for example, executing curl to check the reachability status of the backend servers.
Scope
FortiManager/FortiAnalyzer.
Solution
By default, the FortiManager/FortiAnalyzer does not grant shell access and the following message will be shown:
FMG01 # execute shell Shell disabled.
Check the system admin settings on FortiManager/FortiAnalyzer:
get system admin setting
shell-access : disable
The shell-access needs to be enabled via the following CLI commands on FortiManager/FortiAnalyzer:
config system admin setting
(setting) set shell-access enable Enter new password: Confirm new password:
(setting)# end
Perform the following to verify if the command has been implemented successfully:
get system admin setting
shell-access : enable shell-password : *
Access the backend-shell again:
execute shell Enter password: bash$
From v7.6.0, v7.4.4, and v7.2.6 onwards, the shell access has been removed:
