FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
heng
Staff
Staff
Article Id 245855
Description This article describes the easy way to verify the running SSH server version in the FortiManager/FortiAnalyzer.
Scope FortiManager/FortiAnalyzer.
Solution

From Windows or Linux machine, it is simply possible to run a Telnet to the port number TCP/22 to verify this, the Telnet session will return the version information. 

 

For example, as follows, the SSH server is running as SSH version 2.0 as the return information of SSH-2.0.

 

Replace the IP address with the real FortiManager/FortiAnalyzer IP address when performing the Telnet. 

 

1) Windows machine:

 

C:\Users\PC>telnet <FortiManager/FortiAnalyzer IP address> 22

SSH-2.0-OpenSSH_9.0

 

2) Linux machine:

 

root@ubt01:/home/fortinet# telnet <FortiManager/FortiAnalyzer IP address> 22
Trying 10.47.19.77...
Connected to 10.47.19.77.
Escape character is '^]'.
SSH-2.0-OpenSSH_9.0

 

3) From FortiManager/FortiAnalyzer directly, if the shell password is enabled, make sure to note down the set password as it is not recoverable if the password is lost. The best practice is to set a blank password or disable the shell access right after to verify the detail from the shell. 

 

Enable shell access:

 

FAZVM64 # config sys admin setting

(setting)# set shell-access enable
Enter new password:
Confirm new password:

(setting)# end

 

Enter the shell:

 

FAZVM64 # exe shell
Enter password:

 

Enter the command ssh -V to see the version:

 

bash$ ssh -V
OpenSSH_9.0p1, OpenSSL 1.1.1o 3 May 2022

 

Disable shell access:

 

FAZVM64 # config sys admin setting

(setting)# set shell-access disable
Enter old password:

(setting)# end