https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134457#M20148 <P>It seems to be any bash script</P><P>I'm using terraform to deploy the stand-alone&nbsp;<SPAN>AWS CloudGuard gateway.</SPAN></P><P>I’m using the templatefile function to reference a batch script.</P><P>In the aws_instance resource, for user_data im passing the raw data via a bash script with associated variables.&nbsp;</P><P>i.e. user_data = templatefile("${path.module}/gw_user_data.sh", {vars}</P><P>The bash script is located in the path of the module as specific by the interpolation above&nbsp;${path.module}.</P><P>Validation and plan operations complete successfully.</P><P>However the gateway is not being configured with this data with the instance is launched.&nbsp;</P> Fri, 19 Nov 2021 02:09:39 GMT Simon_Macpherso 2021-11-19T02:09:39Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134321#M20116 <P>Trying to set the admin account password using a password hash but I can't log in after it has been set.</P><P>Tried with R80.40 and R81.10.&nbsp;</P><P>Configuring via a bash script which runs on a stand-alone AWS Cloudguard gateway post-deployment.&nbsp;</P><P>Generating password using SHA256<SPAN>&nbsp;/&nbsp;</SPAN>SHA512:&nbsp;openssl passwd -6 PASSWORD</P><P>Have also tried MD5: openssl passwd -1 PASSWORD</P><P>Password hash is assigned to a variable $pwd_hash and the following is run</P><P>clish -c "set user admin password-hash $pwd_hash" -s&nbsp;</P><P>Are there any caveats I should be aware of when using password-hash with with of these software versions?&nbsp;</P> Thu, 18 Nov 2021 01:15:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134321#M20116 Simon_Macpherso 2021-11-18T01:15:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134322#M20117 <P>MD5 hash is the default I believe.<BR />And the example here suggests you’re doing the right thing, but I think you can specify it as part of the deployment:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk104080&amp;partition=Basic&amp;product=vSEC" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk104080&amp;partition=Basic&amp;product=vSEC</A></P> Thu, 18 Nov 2021 01:29:21 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134322#M20117 PhoneBoy 2021-11-18T01:29:21Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134328#M20119 <P>I suspect the cloud-init.sh script isn’t been run during terraform apply.</P><P>I have a similar problem with deploying a stand-alone AWS CloudGuard gateway in to an existing VPC using the <A href="https://github.com/CheckPointSW/CloudGuardIaaS/tree/master/terraform/aws/gateway" target="_blank">CloudGuard Network Security Gateway Terraform module for AWS.</A></P><P>In the module that creates the AWS EC2 instance, a bash script is called to complete post-deployment configuration on the instance, including configuring the admin password.</P><P>However, even though the script resides in the correct location it script does not appear to be getting called.</P><P>I'm using Terraform v1.0.9 on Windows.&nbsp;</P> Thu, 18 Nov 2021 06:48:18 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134328#M20119 Simon_Macpherso 2021-11-18T06:48:18Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134451#M20144 <P>If cloud-init.sh isn't running, that sounds like a bug.<BR />Suggest a TAC case.</P> Thu, 18 Nov 2021 22:41:31 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134451#M20144 PhoneBoy 2021-11-18T22:41:31Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134457#M20148 <P>It seems to be any bash script</P><P>I'm using terraform to deploy the stand-alone&nbsp;<SPAN>AWS CloudGuard gateway.</SPAN></P><P>I’m using the templatefile function to reference a batch script.</P><P>In the aws_instance resource, for user_data im passing the raw data via a bash script with associated variables.&nbsp;</P><P>i.e. user_data = templatefile("${path.module}/gw_user_data.sh", {vars}</P><P>The bash script is located in the path of the module as specific by the interpolation above&nbsp;${path.module}.</P><P>Validation and plan operations complete successfully.</P><P>However the gateway is not being configured with this data with the instance is launched.&nbsp;</P> Fri, 19 Nov 2021 02:09:39 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Admin-password-hash/m-p/134457#M20148 Simon_Macpherso 2021-11-19T02:09:39Z