topic Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal in Firewall and Security Management

Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Mon, 17 Jun 2024 15:17:52 GMT

Hello everyone,

There is a problem with the admin login on our Checkpoint IP 395 with GAIA OS R77.30. After entering the username in Console, or SSH, the login process is restarted and a"Permission denied" error when trying to log in Gaia Portal.

The steps from sk109114 were carried out, but did not solve the error. Are there any other possibilities?

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PhoneBoy — Mon, 17 Jun 2024 23:49:56 GMT

This is definitely way out of support and a very uncommon configuration to boot.

What is your intended purpose in trying to gain access to this system?

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

the_rock — Tue, 18 Jun 2024 03:11:07 GMT

IP395? wow, never thought would see that model mentioned here these days lol

Anyway, did you try physically powercycle it and carry out those steps?

Andy

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Mon, 08 Jul 2024 09:58:58 GMT

Thank you very much for the quick response. We know that this is an old system, but we need access to be able to install the patch for CVE-2024-24919.

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Mon, 08 Jul 2024 10:03:18 GMT

Thank you very much for your feedback. We have carried out the specified steps and performed a power cycle via our Security Management Server. But the login behavior has not changed.

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

the_rock — Mon, 08 Jul 2024 10:13:00 GMT

I have no clue then mate, sorry : - (.

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Mon, 08 Jul 2024 10:18:18 GMT

Thanks for your help ... 👍

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

the_rock — Mon, 08 Jul 2024 11:35:03 GMT

I found some stuff online about it, more generally related to linux and they all say its most likely permission issues with the account. Is there another admin account you can try?

Andy

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

Bob_Zimmerman — Mon, 08 Jul 2024 13:44:30 GMT

Try using cprid_util on the management to show the contents of /var/log/secure:

$CPDIR/bin/cprid_util -server <IP_of_Gateway> -verbose rexec -rcmd cat /var/log/secure

This should give you more information about what is going wrong.

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Thu, 05 Dec 2024 20:17:32 GMT

No, unfortunately there is no other admin account on the gateway.

Peter

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

PeterB — Thu, 05 Dec 2024 20:27:01 GMT

When I try to log in to the system as the admin user via SSH, I get the log message:
“sshd[2590]: Failed password for... ”
When I try to log in as the same admin user via the console, I get the log message:
“Login: Permission denied”
Peter

Re: Unable to login to Security Gateway in Console, SSH, or Gaia Portal

Bob_Zimmerman — Thu, 05 Dec 2024 20:42:21 GMT

These commands on your management should add a new user named "backupAdmin" with the password set to '1qaz!QAZ':

firewall="<IP_of_Gateway>" scriptFile=$(mktemp) cat << 'EOF' > "${scriptFile}" add user backupAdmin uid 0 homedir /home/backupAdmin add rba user backupAdmin roles adminRole set user backupAdmin gid 100 shell /bin/bash set user backupAdmin password-hash $6$rounds=10000$hv3SByNB$0g9QWW2Peb0KNHBQvFdMsYPmFAV9Q1HP2jsBeO5RzlqAqMZWxRNNOgTbqVqoeFclLMDYLp/ojcDqlD2JDkQrA1 EOF $CPDIR/bin/cprid_util -server "${firewall}" putfile -local_file "${scriptFile}" -remote_file "${scriptFile}" -perms 444 $CPDIR/bin/cprid_util -server "${firewall}" rexec -rcmd clish -s -f "${scriptFile}"

Replace <IP_of_Gateway> with the address your management uses to refer to the specific box, same as before.