Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion Champion
Champion

Password reset - Collection

Password reset on gateway

 

Version R77.x -R80.x:
See sk106490
How to remotely reset Admin / Expert password on a Security Gateway from a Security Management Serve...

Password reset on management server

 

Version R77.30 and earlier:
See sk
Reset the Gaia Admin and Expert passwords using EmergenDisk USB flash drive


Version R80.10 and above:

Plan A with SmartConsol connection (thanks to Phoneboy):

Here's the process:

a) Generate the password hash you need using the following command on a Linux system: openssl passwd -1 mypassword (Note: if on a Check Point appliance, use cpopenssl instead)
b) In SmartConsole, right-click on the management object and select Scripts > One-Time Script
c) Type the following into the script field and click Run: clish -c 'set user admin password-hash mypasswordhash' (Note be sure to use single quotes here and replace mypasswordhash with the hash from step a).
d) Now type and click Run: "save configuration"

Screenshot_20190704-132616_Firefox.jpg

 
Plan B with migrate export:

a) Install a new managment server with the same IP.
b) Open a CLISH per ssh (do not close this session)
c)) Open a second connection in expert mode and start a migrate import.
d) After the migrate import change to the CLISH session and change the admin password.
e) Now save the settings "save configuration"

Plan C - A solution without Check Point support for VMWare and Hardware without RAID controller.

Should also work on an appliance or OpenServer without a RAID controller. I tried it with an appliance in the LAB.

So I used the best of aforementioned sites and successfully reset the admin password with this procedure on R80.10:

a) Configure the Check Point VM to use a recent Ubuntu/Debian Desktop ISO and boot from CD-ROM. Select Try Ubuntu/Debian so you will have a Live environment without installing Ubuntu/Debian
b) Open the Terminal application.
c) Enter the following command: sudo su –
d) Create a mounting point: mkdir /mnt/cp
e) Mount the Gaia filesystem: mount /dev/mapper/vg_splat-lv_current /mnt/cp
f) Change the root directory to the Gaia root: chroot /mnt/cp
g) Backup the current Gaia configuration database: cp /config/db/initial_db /config/db/initial_db_backup
h) Connect to the Gaia configuration database: sqlite3 /config/db/initial_db
i) Query the database using SQLite to locate the current admin password. The last line is the current password hash:SELECT * from revisions WHERE binding=”passwd:admin:passwd”;
j) Update the database using SQLite to change the password to ‘admin’. Replace the text old-pw-hash below with the last hash from step i):UPDATE revisions SET value=”$1$zIVyrIdj$1LBW7Pg6XOcXYIgFPTppY.” WHERE binding=”passwd:admin:passwd” AND VALUE=’old-pw-hash‘;
k) Exit SQLite by entering the following command: .exit
l) Exit chroot and go back to Ubuntu/Debian: exit
m) Unmount the Gaia filesystem: umount /mnt/cp
n) Reboot the Check Point VM by entering: reboot
o) Login to the console, SSH or Gaia Portal using user admin and password admin.
p) When in CLISH or Gaia Portal don’t forget to change the password for user admin (and document it!)

 

Password reset on centrally managed SMB appliance


Version R77.20:

See sk119633

How to remotely reset Admin password on Centrally Managed 1100 / 1200R / 1400 appliance from a Secu...

Password reset on LOM

 

See sk120793

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
(1)
10 Replies
_Val_
Admin
Admin

There is no conflicting information for R80.x, actually. Evergendisk is not supported.

The SmartConsole reset is described here: Remote Admin/Expert password reset - sk106490

0 Kudos
HeikoAnkenbrand
Champion Champion
Champion

@_Val_ thx

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos
HeikoAnkenbrand
Champion Champion
Champion

Will we get an Evergendisk for R80.x (2.6 and 3.10 kernel) in the future?

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
_Val_
Admin
Admin

@HeikoAnkenbrand It is hard to predict. My personal take, considering there are some HW compatibility issues with various USBs, it might be tricky.

@Alexander_Kim, do you know who could answer this question? It is no directly platform related, but should be close, right?

Chris_Hrachowy
Participant

I had the password reset problem a few months ago with R80.10. 

A colleague had left the company and had previously changed the  password of the management server:-(
 
We reinstalled the management server and imported the config via migrate import.
 
 
0 Kudos
Paul_Erez
Participant

Is there also a solution for RAID controllers?

0 Kudos
_Val_
Admin
Admin

The mentioned unsupported (!) technique only works because you can mount your Gaia drive as an external volume. It might work for RAID, if you know how to mount it properly, but the amount of efforts you need to make is huge.

I would rather have several admin accounts set on a system, just in case, put some non-technical administrative measures to prevent a situation when a rogue employee can do damage, and of course, there is always a way to reset passwords remotely from SmartConsole. 

HeikoAnkenbrand
Champion Champion
Champion

With Live Debian Linux DVD I always had the problem that I could not load the RAID drivers for the following servers:

HP DL 360/380 G7

HP DL 360/380 G8

 

 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
Natascha_Neye
Explorer

Is it possible to reset a not central managed 1400 appliance?

0 Kudos
_Val_
Admin
Admin

@Natascha_Neye 1400 series are SMB embedded devices and are off topic for this discussion. But yes, you can reset it to factory default, which removes all settings and resets the password.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events