|
Password reset on gateway |
|---|
Version R77.x -R80.x:
See sk106490
How to remotely reset Admin / Expert password on a Security Gateway from a Security Management Serve...
|
Password reset on management server |
|---|
Version R77.30 and earlier:
See sk
Reset the Gaia Admin and Expert passwords using EmergenDisk USB flash drive
Version R80.10 and above:
Plan A with SmartConsol connection (thanks to Phoneboy):
Here's the process:
a) Generate the password hash you need using the following command on a Linux system: openssl passwd -1 mypassword (Note: if on a Check Point appliance, use cpopenssl instead)
b) In SmartConsole, right-click on the management object and select Scripts > One-Time Script
c) Type the following into the script field and click Run: clish -c 'set user admin password-hash mypasswordhash' (Note be sure to use single quotes here and replace mypasswordhash with the hash from step a).
d) Now type and click Run: "save configuration"
Plan B with migrate export:
a) Install a new managment server with the same IP.
b) Open a CLISH per ssh (do not close this session)
c)) Open a second connection in expert mode and start a migrate import.
d) After the migrate import change to the CLISH session and change the admin password.
e) Now save the settings "save configuration"
Plan C - A solution without Check Point support for VMWare and Hardware without RAID controller.
Should also work on an appliance or OpenServer without a RAID controller. I tried it with an appliance in the LAB.
So I used the best of aforementioned sites and successfully reset the admin password with this procedure on R80.10:
a) Configure the Check Point VM to use a recent Ubuntu/Debian Desktop ISO and boot from CD-ROM. Select Try Ubuntu/Debian so you will have a Live environment without installing Ubuntu/Debian
b) Open the Terminal application.
c) Enter the following command: sudo su –
d) Create a mounting point: mkdir /mnt/cp
e) Mount the Gaia filesystem: mount /dev/mapper/vg_splat-lv_current /mnt/cp
f) Change the root directory to the Gaia root: chroot /mnt/cp
g) Backup the current Gaia configuration database: cp /config/db/initial_db /config/db/initial_db_backup
h) Connect to the Gaia configuration database: sqlite3 /config/db/initial_db
i) Query the database using SQLite to locate the current admin password. The last line is the current password hash:SELECT * from revisions WHERE binding=”passwd:admin:passwd”;
j) Update the database using SQLite to change the password to ‘admin’. Replace the text old-pw-hash below with the last hash from step i):UPDATE revisions SET value=”$1$zIVyrIdj$1LBW7Pg6XOcXYIgFPTppY.” WHERE binding=”passwd:admin:passwd” AND VALUE=’old-pw-hash‘;
k) Exit SQLite by entering the following command: .exit
l) Exit chroot and go back to Ubuntu/Debian: exit
m) Unmount the Gaia filesystem: umount /mnt/cp
n) Reboot the Check Point VM by entering: reboot
o) Login to the console, SSH or Gaia Portal using user admin and password admin.
p) When in CLISH or Gaia Portal don’t forget to change the password for user admin (and document it!)
|
Password reset on centrally managed SMB appliance |
|---|
Version R77.20:
See sk119633
|
Password reset on LOM |
|---|
See sk120793
| User | Count |
|---|---|
| 27 | |
| 20 | |
| 11 | |
| 10 | |
| 6 | |
| 6 | |
| 5 | |
| 5 | |
| 4 | |
| 4 |
Tue 05 Nov 2024 @ 10:00 AM (CET)
EMEA CM LIVE: 30 Years for the CISSP certification - why it is still on topTue 05 Nov 2024 @ 05:00 PM (CET)
Americas CM LIVE: - 30 Years for the CISSP certification - why it is still on topThu 07 Nov 2024 @ 05:00 PM (CET)
What's New in CloudGuard - Priorities, Trends and Roadmap InnovationsTue 05 Nov 2024 @ 10:00 AM (CET)
EMEA CM LIVE: 30 Years for the CISSP certification - why it is still on topTue 05 Nov 2024 @ 05:00 PM (CET)
Americas CM LIVE: - 30 Years for the CISSP certification - why it is still on topTue 12 Nov 2024 @ 03:00 PM (AEDT)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (APAC)Tue 12 Nov 2024 @ 10:00 AM (CET)
No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (EMEA)Tue 19 Nov 2024 @ 12:00 PM (MST)
Salt Lake City: Infinity External Risk Management and Harmony SaaSWed 20 Nov 2024 @ 02:00 PM (MST)
Denver South: Infinity External Risk Management and Harmony SaaS
