Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Dylan_Jensen
Explorer

Reset Expert Password on an 1100

Here's a little one liner to reset the expert password on 1100, might work with other models but I've never tried it.

Must be ran from the management server.

$CPDIR/bin/cprid_util -server <IP of 1100> -verbose rexec -rcmd /bin/bash -c "cd /pfrm2.0/config1 ; rm expert_pass_"

 

After you run that, ssh into the 1100. Enter expert and now you'll be prompted for a new expert password.

 

7 Replies
G_W_Albrecht
Legend Legend
Legend

This will work on any SMB device !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
G_W_Albrecht
Legend Legend
Legend

You can also just delet expert_pass and compress the backup again - after import, expert will ask yoi to set a new expert password and you save the time to generate a hash, see here:

 

Also @PhoneBoy  mentioned it: Reset 1450 (Gaia imbedded) expert password

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Steve_Parry
Participant

We have an 1100 centrally managed device,  the chap who it up a while back has left and we no longer have the expert password.  As it is centrally managed we don't have a Management Server to run this on.  Any suggestions? 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

If it is centrally managed you must have a Management Server to install policy. If it is managed locally, t.m. all configuration is done in WebGUI, see sk106025: How to reset Expert password on a Check Point SMB Appliance

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Steve_Parry
Participant

Thank you Günther, yes it is locally managed, my mistake. The only option from that link seems to be a factory reset.  if I reset, will a restore from backup then overwrite the new passwords I set or will they stay as is?  I've been fortunate never having to restore before.

Steve

0 Kudos
G_W_Albrecht
Legend Legend
Legend

This is only partly true - in sk107558: How to change administrator password to a clear-text password or a password hash you can find how to generate a password hash. In the SMB backup file, you can find the file expert_pass_ that contains the hash top level in the .zip file. If you replace the content of expert_pass_ with a newly generated hash for the new expert password and import the backup, this should reset the expert password. But i have to admit that i did never try this before 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Constantin
Explorer

Thanks! I can confirm it's working.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events