config firewall access-proxy-ssh-client-cert
Configure Access Proxy SSH client certificate.
config firewall access-proxy-ssh-client-cert Description: Configure Access Proxy SSH client certificate. edit <name> set source-address [enable|disable] set permit-x11-forwarding [enable|disable] set permit-agent-forwarding [enable|disable] set permit-port-forwarding [enable|disable] set permit-pty [enable|disable] set permit-user-rc [enable|disable] config cert-extension Description: Configure certificate extension for user certificate. edit <name> set critical [no|yes] set type [fixed|user] set data {string} next end set auth-ca {string} next end
config firewall access-proxy-ssh-client-cert
Parameter |
Description |
Type |
Size |
Default |
||||||
---|---|---|---|---|---|---|---|---|---|---|
name |
SSH client certificate name. |
string |
Maximum length: 79 |
|
||||||
source-address |
Enable/disable appending source-address certificate critical option. This option ensure certificate only accepted from FortiGate source address. |
option |
- |
disable |
||||||
|
|
|||||||||
permit-x11-forwarding |
Enable/disable appending permit-x11-forwarding certificate extension. |
option |
- |
enable |
||||||
|
|
|||||||||
permit-agent-forwarding |
Enable/disable appending permit-agent-forwarding certificate extension. |
option |
- |
enable |
||||||
|
|
|||||||||
permit-port-forwarding |
Enable/disable appending permit-port-forwarding certificate extension. |
option |
- |
enable |
||||||
|
|
|||||||||
permit-pty |
Enable/disable appending permit-pty certificate extension. |
option |
- |
enable |
||||||
|
|
|||||||||
permit-user-rc |
Enable/disable appending permit-user-rc certificate extension. |
option |
- |
enable |
||||||
|
|
|||||||||
auth-ca |
Name of the SSH server public key authentication CA. |
string |
Maximum length: 79 |
|
config cert-extension
Parameter |
Description |
Type |
Size |
Default |
||||||
---|---|---|---|---|---|---|---|---|---|---|
name |
Name of certificate extension. |
string |
Maximum length: 127 |
|
||||||
critical |
Critical option. |
option |
- |
no |
||||||
|
|
|||||||||
type |
Type of certificate extension. |
option |
- |
fixed |
||||||
|
|
|||||||||
data |
Data of certificate extension. |
string |
Maximum length: 127 |
|