I'm trying to set ssh host key using my own generated key following the instructions at https://docs.fortinet.com/index.php/document/fortigate/7.6.0/cli-reference/207795941/config-system-s.... The document doesn't specify what is the format for ssh-hsk parameter. I'm using ssh-keygen to generate the private key. Then remove the BEGIN/END and concatenate the lines together. However, this gives me an error "The password does not match hostkey!" when I run end command to commit the settings.
Does anyone have an example how to do this correctly? Thank you.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @jaypat,
Confirm if generating host key from sshkeygen looks like the format below(example):
ssh-rsa
AAAAAAAAAAAAhaslkdjalkdsmx;asmscx;la,x;l,alsx,a
asdiohjfwidpokpco,zx;kcjmascpkas;xka;lkx;lakx;laksp
- Try to copy the whole text paste it to notepad add quotation from starting and ending.
"ssh-rsa
AAAAAAAAAAAAhaslkdjalkdsmx;asmscx;la,x;l,alsx,a
asdiohjfwidpokpco,zx;kcjmascpkas;xka;lkx;lakx;laksp"
Now copy the test with quotation and try pasting it to FortiGate under host key and see it helps. Make sure if you have put the password for it, set the correct password for that key on fortigate.
Thank you for prompt response. However, it's still not working.
This is the command I use to generate the host key
ssh-keygen -m RFC4716 -N "password1" -t ed25519 -b 2048 -f hostkey
Also, I'm not sure if setting host key to "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcaU2T+dts+1HhWUKB6DSJT+QGvwSfMjxmxwl8i/R8P" is right, because it's a public portion of the key. I suppose I should give private key to FortiGate instead of public key.
This is what the files look like.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
227 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.