Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    7.2.3
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config firewall ssh host-key

    config firewall ssh host-key

    SSH proxy host public keys.

    config firewall ssh host-key
    Description: SSH proxy host public keys.
    edit <name>
        set hostname {string}
        set ip {ipv4-address-any}
        set nid [256|384|...]
        set port {integer}
        set public-key {var-string}
        set status [trusted|revoked]
        set type [RSA|DSA|...]
        set usage [transparent-proxy|access-proxy]
    next
end

    config firewall ssh host-key

    Parameter

    Description

    Type

    Size

    Default

    hostname

    Hostname of the SSH server to match SSH certificate principals.

    string

    Maximum length: 255

    ip

    IP address of the SSH server.

    ipv4-address-any

    Not Specified

    0.0.0.0

    name

    SSH public key name.

    string

    Maximum length: 35

    nid

    Set the nid of the ECDSA key.

    option

    -

    256

    Option

    Description

    256

    The NID is ecdsa-sha2-nistp256.

    384

    The NID is ecdsa-sha2-nistp384.

    521

    The NID is ecdsa-sha2-nistp521.

    port

    Port of the SSH server.

    integer

    Minimum value: 0 Maximum value: 4294967295

    22

    public-key

    SSH public key.

    var-string

    Maximum length: 32768

    status

    Set the trust status of the public key.

    option

    -

    trusted

    Option

    Description

    trusted

    The public key is trusted.

    revoked

    The public key is revoked.

    type

    Set the type of the public key.

    option

    -

    RSA

    Option

    Description

    RSA

    The type of the public key is RSA.

    DSA

    The type of the public key is DSA.

    ECDSA

    The type of the public key is ECDSA.

    ED25519

    The type of the public key is ED25519.

    RSA-CA

    The type of the public key is from RSA CA.

    DSA-CA

    The type of the public key is from DSA CA.

    ECDSA-CA

    The type of the public key is from ECDSA CA.

    ED25519-CA

    The type of the public key is from ED25519 CA.

    usage

    Usage for this public key.

    option

    -

    transparent-proxy

    Option

    Description

    transparent-proxy

    Transparent proxy uses this public key to validate server.

    access-proxy

    Access proxy uses this public key to validate server.
    Previous
    Next

    config firewall ssh host-key

    config firewall ssh host-key

    SSH proxy host public keys.

    config firewall ssh host-key
    Description: SSH proxy host public keys.
    edit <name>
        set hostname {string}
        set ip {ipv4-address-any}
        set nid [256|384|...]
        set port {integer}
        set public-key {var-string}
        set status [trusted|revoked]
        set type [RSA|DSA|...]
        set usage [transparent-proxy|access-proxy]
    next
end

    config firewall ssh host-key

    Parameter

    Description

    Type

    Size

    Default

    hostname

    Hostname of the SSH server to match SSH certificate principals.

    string

    Maximum length: 255

    ip

    IP address of the SSH server.

    ipv4-address-any

    Not Specified

    0.0.0.0

    name

    SSH public key name.

    string

    Maximum length: 35

    nid

    Set the nid of the ECDSA key.

    option

    -

    256

    Option

    Description

    256

    The NID is ecdsa-sha2-nistp256.

    384

    The NID is ecdsa-sha2-nistp384.

    521

    The NID is ecdsa-sha2-nistp521.

    port

    Port of the SSH server.

    integer

    Minimum value: 0 Maximum value: 4294967295

    22

    public-key

    SSH public key.

    var-string

    Maximum length: 32768

    status

    Set the trust status of the public key.

    option

    -

    trusted

    Option

    Description

    trusted

    The public key is trusted.

    revoked

    The public key is revoked.

    type

    Set the type of the public key.

    option

    -

    RSA

    Option

    Description

    RSA

    The type of the public key is RSA.

    DSA

    The type of the public key is DSA.

    ECDSA

    The type of the public key is ECDSA.

    ED25519

    The type of the public key is ED25519.

    RSA-CA

    The type of the public key is from RSA CA.

    DSA-CA

    The type of the public key is from DSA CA.

    ECDSA-CA

    The type of the public key is from ECDSA CA.

    ED25519-CA

    The type of the public key is from ED25519 CA.

    usage

    Usage for this public key.

    option

    -

    transparent-proxy

    Option

    Description

    transparent-proxy

    Transparent proxy uses this public key to validate server.

    access-proxy

    Access proxy uses this public key to validate server.
    Previous
    Next