CLI Reference

firewall ssh host-key

Use this command to define trusted SSH host keys for specific SSH servers.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command                        Description
config firewall ssh host-key   New config command. Define trusted SSH host keys for specific SSH servers.

config firewall ssh host-key
    edit {name}
    # SSH proxy host public keys.
        set name {string}   SSH public key name. size[35]
        set status {trusted | revoked}   Set the trust status of the public key.
                trusted  The public key is trusted.
                revoked  The public key is revoked.
        set type {option}   Set the type of the public key.
                RSA         The type of the public key is RSA.
                DSA         The type of the public key is DSA.
                ECDSA       The type of the public key is ECDSA.
                ED25519     The type of the public key is ED25519.
                RSA-CA      The type of the public key is from RSA CA.
                DSA-CA      The type of the public key is from DSA CA.
                ECDSA-CA    The type of the public key is from ECDSA CA.
                ED25519-CA  The type of the public key is from ED25519 CA.
        set nid {256 | 384 | 521}   Set the nid of the ECDSA key.
                256  The NID is ecdsa-sha2-nistp256.
                384  The NID is ecdsa-sha2-nistp384.
                521  The NID is ecdsa-sha2-nistp521.
        set ip {ipv4 address any}   IP address of the SSH server.
        set port {integer}   Port of the SSH server. range[0-4294967295]
        set hostname {string}   Hostname of the SSH server. size[255]
        set public-key {string}   SSH public key. size[32768]
    next
end
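
As an added example (not Fortinet's code), this Python helper turns one `ssh-keyscan`/`known_hosts` line into a `config firewall ssh host-key` entry, mapping the OpenSSH algorithm to the `type` and `nid` options above, and computes the SHA256 fingerprint to compare out of band before the key is marked trusted. It assumes `public-key` takes the base64 key blob and that string values may be quoted; the sample key, hostname and IP address are constructed.

```python
import base64
import hashlib
import struct

# OpenSSH key algorithm -> (FortiOS "type", FortiOS "nid" or None), per the option list above.
ALGO_MAP = {
    "ssh-rsa": ("RSA", None),
    "ssh-dss": ("DSA", None),
    "ssh-ed25519": ("ED25519", None),
    "ecdsa-sha2-nistp256": ("ECDSA", 256),
    "ecdsa-sha2-nistp384": ("ECDSA", 384),
    "ecdsa-sha2-nistp521": ("ECDSA", 521),
}
# Constructed sample: a well-formed ssh-ed25519 blob with placeholder key bytes.
SAMPLE_BLOB = base64.b64encode(
    struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))).decode()
SAMPLE_LINE = f"bastion.example.net ssh-ed25519 {SAMPLE_BLOB}"

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints, for out-of-band comparison."""
    digest = hashlib.sha256(base64.b64decode(blob_b64, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_key_stanza(name, known_hosts_line, ip=None, port=22):
    """Build one `edit` entry from a `host algo base64` line (assumed field syntax)."""
    hostname, algo, blob_b64 = known_hosts_line.split()[:3]
    if algo not in ALGO_MAP:
        raise ValueError(f"unsupported key algorithm: {algo}")
    blob = base64.b64decode(blob_b64, validate=True)
    # The blob starts with a length-prefixed algorithm name; it must match the declared one.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != algo:
        raise ValueError("key blob does not match declared algorithm")
    if len(name) > 35 or len(hostname) > 255 or len(blob_b64) > 32768:
        raise ValueError("field exceeds the size limit in the CLI reference")
    key_type, nid = ALGO_MAP[algo]
    lines = ["config firewall ssh host-key", f'    edit "{name}"',
             "        set status trusted", f"        set type {key_type}"]
    if nid:  # nid applies to ECDSA keys only
        lines.append(f"        set nid {nid}")
    if ip:
        lines.append(f"        set ip {ip}")
    lines += [f"        set port {port}", f'        set hostname "{hostname}"',
              f'        set public-key "{blob_b64}"', "    next", "end"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(fingerprint(SAMPLE_BLOB))
    print(host_key_stanza("bastion-ed25519", SAMPLE_LINE, ip="192.0.2.10"))
```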
