Entering each time username and password isn’t fun when doing it daily to the same equipment. Saving password in some automated script (Paramiko, Expect, etc) is not very secure per se. Using the SSH certificates, on the other hand, answers all the needs – easy, secure, time saving. Here is how to enable SSH authentication for a user in Fortigate:
Step 1. Create the certificate.
On linux command line we run:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/myuser/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/myuser/.ssh/id_rsa.
Your public key has been saved in /home/myuser/.ssh/id_rsa.pub.
The key fingerprint is:
be:1b:3c:e0:1e:7d:1e:29:04:27:1d:1d:11:41:33:54 myuser@myhost
The key's randomart image is:
+--[ RSA 2048]----+ 

Step 2. Import PUBLIC key saved in Step 1 in the file id_rsa.pub to the Fortigate:
# config system admin
(config)# edit myuser
(myuser)# set ssh-public-key1 "ssh-rsa AAAAB3Nza .. … …<key copy paste goes here, remove the host myhost> …. 0lTo9P myuser"
Step 3. Connect using the certificate
ssh -i /home/myuser/.ssh/id_rsa <ip of the fortigate>
That is it, of course it will work for other Fortinet products having SSH access like Fortimail, FortiAnalyzer, etc .