Fortinet black logo

CLI Reference

config firewall ssh host-key

config firewall ssh host-key

SSH proxy host public keys.

config firewall ssh host-key

Description: SSH proxy host public keys.

edit <name>

set status [trusted|revoked]

set type [RSA|DSA|...]

set nid [256|384|...]

set usage [transparent-proxy|access-proxy]

set ip {ipv4-address-any}

set port {integer}

set hostname {string}

set public-key {var-string}

next

end

config firewall ssh host-key

Parameter

Description

Type

Size

Default

status

Set the trust status of the public key.

option

-

trusted

Option

Description

trusted

The public key is trusted.

revoked

The public key is revoked.

type

Set the type of the public key.

option

-

RSA

Option

Description

RSA

The type of the public key is RSA.

DSA

The type of the public key is DSA.

ECDSA

The type of the public key is ECDSA.

ED25519

The type of the public key is ED25519.

RSA-CA

The type of the public key is from RSA CA.

DSA-CA

The type of the public key is from DSA CA.

ECDSA-CA

The type of the public key is from ECDSA CA.

ED25519-CA

The type of the public key is from ED25519 CA.

nid

Set the nid of the ECDSA key.

option

-

256

Option

Description

256

The NID is ecdsa-sha2-nistp256.

384

The NID is ecdsa-sha2-nistp384.

521

The NID is ecdsa-sha2-nistp521.

usage

Usage for this public key.

option

-

transparent-proxy

Option

Description

transparent-proxy

Transparent proxy uses this public key to validate server.

access-proxy

Access proxy uses this public key to validate server.

ip

IP address of the SSH server.

ipv4-address-any

Not Specified

0.0.0.0

port

Port of the SSH server.

integer

Minimum value: 0 Maximum value: 4294967295

22

hostname

Hostname of the SSH server, to match SSH certificate principals.

string

Maximum length: 255

public-key

SSH public key.

var-string

Maximum length: 32768

config firewall ssh host-key

SSH proxy host public keys.

config firewall ssh host-key

Description: SSH proxy host public keys.

edit <name>

set status [trusted|revoked]

set type [RSA|DSA|...]

set nid [256|384|...]

set usage [transparent-proxy|access-proxy]

set ip {ipv4-address-any}

set port {integer}

set hostname {string}

set public-key {var-string}

next

end

config firewall ssh host-key

Parameter

Description

Type

Size

Default

status

Set the trust status of the public key.

option

-

trusted

Option

Description

trusted

The public key is trusted.

revoked

The public key is revoked.

type

Set the type of the public key.

option

-

RSA

Option

Description

RSA

The type of the public key is RSA.

DSA

The type of the public key is DSA.

ECDSA

The type of the public key is ECDSA.

ED25519

The type of the public key is ED25519.

RSA-CA

The type of the public key is from RSA CA.

DSA-CA

The type of the public key is from DSA CA.

ECDSA-CA

The type of the public key is from ECDSA CA.

ED25519-CA

The type of the public key is from ED25519 CA.

nid

Set the nid of the ECDSA key.

option

-

256

Option

Description

256

The NID is ecdsa-sha2-nistp256.

384

The NID is ecdsa-sha2-nistp384.

521

The NID is ecdsa-sha2-nistp521.

usage

Usage for this public key.

option

-

transparent-proxy

Option

Description

transparent-proxy

Transparent proxy uses this public key to validate server.

access-proxy

Access proxy uses this public key to validate server.

ip

IP address of the SSH server.

ipv4-address-any

Not Specified

0.0.0.0

port

Port of the SSH server.

integer

Minimum value: 0 Maximum value: 4294967295

22

hostname

Hostname of the SSH server, to match SSH certificate principals.

string

Maximum length: 255

public-key

SSH public key.

var-string

Maximum length: 32768