FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
blarochelle
Staff
Article Id 360152
Description This article describes how to disable FortiNAC's ability to use public key authentication against devices. The setting can be disabled at a device level or a global level.
Scope FortiNAC-F 7.2 and above.
Solution

To disable FortiNAC's ability to use public key authentication at a global level, edit the file /bsc/campusMgr/master_loader/.masterPropertyFile.

Add the following lines to the uncommented section of the file:

 

FILE_NAME=./properties_plugin/telnetServer.properties
{
  com.bsc.plugin.telnet.TelnetServer.ssh.publicKeyAuthEnabled=false
}
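
One way to check that the global setting sits in an uncommented block of the file, as an added example (not Fortinet's code): the shell function below parses the block format shown above and reports whether every live assignment of the property is false. It assumes a leading `#` marks a commented-out line; the function name and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not FortiNAC tooling. Assumption: a line whose first
# non-blank character is '#' is commented out.
PROP='com.bsc.plugin.telnet.TelnetServer.ssh.publicKeyAuthEnabled'
BLOCK='./properties_plugin/telnetServer.properties'

# Prints disabled | enabled | unset for the file in $1.
# Exit status is 0 only when every live assignment of PROP is "false".
pubkey_auth_state() {
    awk -v prop="$PROP" -v block="$BLOCK" '
        /^[ \t]*#/ { next }                        # commented-out line
        { sub(/\r$/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        /^FILE_NAME=/ { current = substr($0, 11); next }
        $0 == "}"     { current = ""; next }       # end of a block
        current == block {
            eq = index($0, "=")
            if (!eq) next                          # the "{" line
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]+$/, "", key); gsub(/^[ \t]+/, "", val)
            if (key == prop) { seen++; if (val != "false") other++ }
        }
        END {
            if (!seen) { print "unset";   exit 1 }
            if (other) { print "enabled"; exit 1 }
            print "disabled"
        }
    ' "$1"
}

# Constructed sample: a commented-out copy above the live block.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# FILE_NAME=./properties_plugin/telnetServer.properties
# {
#   com.bsc.plugin.telnet.TelnetServer.ssh.publicKeyAuthEnabled=true
# }
FILE_NAME=./properties_plugin/telnetServer.properties
{
  com.bsc.plugin.telnet.TelnetServer.ssh.publicKeyAuthEnabled=false
}
EOF
pubkey_auth_state "$sample"
rm -f "$sample"
```

To audit a real system, pass the path of the master property file as the argument; "unset" means the property appears only in commented-out lines, in another block, or not at all.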

 

To disable the setting per device, run the following command:

 

device -ip <IP> -setAttr -name SSH_PUBLICKEY_AUTH_ENABLED -value "false"

 

Where <IP> is the IP address of the modeled device on which to disable the setting.

Example:

 

device -ip 192.168.10.10 -setAttr -name SSH_PUBLICKEY_AUTH_ENABLED -value "false"

 

Note: This does not work in 7.2.8, 7.4.0, or 7.6.1 and will be fixed in the subsequent firmware versions for each train.