Connecting to the CLI using SSH
Once the FortiGate unit is configured to accept SSH connections, you can use an SSH client on your management computer to connect to the CLI.
Secure Shell (SSH) provides both secure authentication and secure communications to the CLI. FortiGate units support 3DES and Blowfish encryption algorithms for SSH.
Before you can connect to the CLI using SSH, you must first configure a network interface to accept SSH connections. For details, see
“Enabling access to the CLI through the network (SSH or Telnet)”. The following procedure uses PuTTY. Steps may vary with other SSH clients.
To connect to the CLI using SSH
1. On your management computer, start an SSH client.
2. In Host Name (or IP Address), enter the IP address of a network interface on which you have enabled SSH administrative access.
3. In Port, enter 22.
4. For the Connection type, select SSH.
5. Select Open.
The SSH client connects to the FortiGate unit.
The SSH client may display a warning if this is the first time you are connecting to the FortiGate unit and its SSH key is not yet recognized by your SSH client, or if you have previously connected to the FortiGate unit but used a different IP address or SSH key. This is normal If your management computer is directly connected to the FortiGate unit with no network hosts between them.
6. Click Yes to verify the fingerprint and accept the FortiGate unit’s SSH key. You will not be able to log in until you have accepted the key.
7. The CLI displays a login prompt.
8. Type a valid administrator account name (such as admin) and press Enter.
9. Type the password for this administrator account and press Enter.
The FortiGate unit displays a command prompt (its host name followed by a #). You can now enter CLI commands.
| If three incorrect login or password attempts occur in a row, you will be disconnected. If this occurs, wait one minute, then reconnect to attempt the login again. |
See Also