By the way, what does "get system info admin ssh" on fortigate give
you?Is it same ssh-rsa key as ssh-keyscan give you? The command is
outdated and shows only RSA fingeprint and only in md5. Ignore "DSA
fingerprint" garbage. PS: For me it is ssh-ed25...
Well, that is concerning.Do the keys change twice with two reboots in a
row, or there is some kind of a "refresh interval" for the keys? You can
get public keys by "ssh-keyscan -t [ssh-rsa|ssh-ed25519] "
without the ssh-keygen part.I think it would b...
Hi AlexFeren,I am running 6.4. and my ssh-rsa keys are stable. Are you
sure you are checking the RSA keys?Fortigates have two sets of SSH
public keys: ssh-rsa and ssh-ed25519. SSH clients default to
ssh-ed25519.To find out ssh-rsa fingerprint: ssh-ke...
Hi emnoc!Actually ssh -vvv will use the default cipher, which is not
ssh-rsa. Only ssh-rsa is synchronized per this topic.Another
disadvantage is, that it works only on one host at a time, while
ssh-keyscan can take multiple hosts.If you want the fin...
