diff --git a/Fortinet-FortiOS.md b/Fortinet-FortiOS.md index b63a1b9..a4dbf93 100644 --- a/Fortinet-FortiOS.md +++ b/Fortinet-FortiOS.md @@ -5,7 +5,7 @@ SSH into an appliance running FortiOS, or use a local serial connection in order ## FortiOS >= 7.4.1 ``` -config system global +# config system global set ssh-enc-algo chacha20-poly1305@openssh.com aes256-gcm@openssh.com set ssh-hostkey-algo ssh-ed25519 set ssh-kex-algo diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 curve25519-sha256@libssh.org @@ -20,7 +20,7 @@ Unless you have modified the defaults, you don't need to these, but you may stil * ``string-crypto``: Should be enabled by default since 6.4.5 ``` -get system global | grep "ssh\|strong-crypto" +# get system global | grep "ssh\|strong-crypto" admin-ssh-grace-time: 120 admin-ssh-password : enable admin-ssh-port : 22 @@ -35,7 +35,7 @@ strong-crypto : enable ## FortiOS 7.0.x / 7.2.x / 7.4.0 ``` -config system global +# config system global set ssh-enc-algo chacha20-poly1305@openssh.com aes256-gcm@openssh.com set ssh-kex-algo curve25519-sha256@libssh.org set ssh-mac-algo hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com @@ -49,7 +49,7 @@ Unless you have modified the defaults, you don't need to these, but you may stil * ``string-crypto``: Should be enabled by default since 6.4.5 ``` -get system global | grep "ssh\|strong-crypto" +# get system global | grep "ssh\|strong-crypto" admin-ssh-grace-time: 120 admin-ssh-password : enable admin-ssh-port : 22