This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Albin_Petersson
Contributor
‎2022-01-18 04:15 AM
Jump to solution

Cannot get SCP backups to work. how to troubleshoot?

Helloes.

 

We have a SCP backup running to a server today that i don't recall having any problems with when I set it up. Now we're going to move the backups to a new debian server. Seemed like the easiest thing in the world, but I just can't get it to work. And how are you supposed to troubleshoot?

I can SCP from the FW and transfer files, albeit not to the root directory since it's a chroot environment. But the backups are supposed to be stored in the /fw directory anyhow, and i can SCP files there.

 

In var/log/messages i can only see "xpand: failed to copy. fallback. trying to copy without the path." and then "exiting fallback".

there's another log called CPbackup.elg that even though there are lots of errors, doesn't have anything related to the problem.

Where do I look?

0 Kudos
1 Solution

Accepted Solutions
Albin_Petersson
Contributor
‎2022-01-18 07:21 AM
Jump to solution

Funny thing this...

When I created the user, it was created with sh as shell. I didn't think much about it then, but now I changed the shell to bash and added the binary+libs to the chroot environment. And now it works...

So, checkpoints backup program definitly need bash.

It would still have been nice to have some sort of log to look in while troubleshooting, or to use SFTP, but at least it works.

View solution in original post

8 Replies
Ruan_Kotze
MVP Gold
MVP Gold
‎2022-01-18 04:21 AM
Jump to solution

Something that has worked for me in the past is ssh'ing to the backup server from expert mode and accepting the ssh key when prompted,

#ssh backupuser@1.2.3.4

0 Kudos
Albin_Petersson
Contributor
‎2022-01-18 04:29 AM
In response to Ruan_Kotze
Jump to solution

I have added the host-key. I can ssh/scp from the FW to the server.

But I don't understand what the firewall backup function does differently.

 

EDIT: I would really have liked to use SFTP with keys instead of SCP. Is there any hint if SFTP will be added to the backup functionality?

0 Kudos
_Val_
Admin
Admin
‎2022-01-18 06:43 AM
In response to Albin_Petersson
Jump to solution

Check the path and that user has write rights on the target server. If you are convinced there is no config issue, please open a support call for that.

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2022-01-18 07:10 AM
Jump to solution

I agree with @_Val_ . I had seen in the past that if you change the path on the server, it works fine. Cant say 100% it would fix it, but worth trying.

 

Best,
Andy
0 Kudos
Albin_Petersson
Contributor
‎2022-01-18 07:21 AM
Jump to solution

Funny thing this...

When I created the user, it was created with sh as shell. I didn't think much about it then, but now I changed the shell to bash and added the binary+libs to the chroot environment. And now it works...

So, checkpoints backup program definitly need bash.

It would still have been nice to have some sort of log to look in while troubleshooting, or to use SFTP, but at least it works.

the_rock
MVP Platinum
MVP Platinum
‎2022-01-18 07:22 AM
In response to Albin_Petersson
Jump to solution

I agree with you...if you cant find the right log, then it makes it more difficult, for sure. Glad it worked!

Best,
Andy
0 Kudos
_Val_
Admin
Admin
‎2022-01-18 07:26 AM
In response to the_rock
Jump to solution

Only one small thing, the log in question, for this specific case, should be actually reviewed on the server side 🙂 All what Gaia has here is, "I cannot write to the remote folder". On the server, you should also see why.

0 Kudos
_Val_
Admin
Admin
‎2022-01-18 07:24 AM
In response to Albin_Petersson
Jump to solution

Correct, bash should be the default shell for a backup user on the target server.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events