This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Vladimir
Champion
Champion
‎2017-10-01 10:40 AM
Jump to solution

Connecting to vSEC in AWS using WinSCP

Had to extract the cpinfo from the vSEC on AWS.

For some reason, using # chsh -s /bin/bash , while successfully changing the shell in session, had no effect for WinSCP, as it continue to complain about shell every time I was trying to connect

Running cpinfo with -z option on vSEC did not produce the compressed file.

had to compress it manually, move it to /var/CPbackup/backups/ and download via WebUI.

I was not sure about the integrity of the resultant file and ended up enabling

"Global Properties/Security Management/Improve product experience by sending information to Check Point" and running cpinfo on vSEC again with upload to SR parameters.

While this approach is acceptable in the lab, it hardly is optimal for production environments.

It would be nice to have the option of uploading cpinfo from selected vSECs to SR without changing Global Settings and pushing policy.

Please let me know if there is a better solution than the one I've ended-up using.

Thank you,

Vladimir

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2017-10-01 11:30 AM
Jump to solution

If you want to change the shell a user uses (eg for SCP), you need to do it in the Gaia WebUI or in clish.

In clish, the commands are:

set user username shell /bin/bash

save config

View solution in original post

6 Replies
PhoneBoy
Admin
Admin
‎2017-10-01 11:30 AM
Jump to solution

If you want to change the shell a user uses (eg for SCP), you need to do it in the Gaia WebUI or in clish.

In clish, the commands are:

set user username shell /bin/bash

save config

Vladimir
Champion
Champion
‎2017-10-01 02:07 PM
In response to PhoneBoy
Jump to solution

Thank you.

Can you explain the difference between the effect of changing shell using chsh -s /bin/bash and set username shell /bin/bash  for SCP and when each of those is preferable?

There was a discussion some time ago about creating a dedicated account for scp access, but there were caveats as to its ability to access the files created by different users.

0 Kudos
PhoneBoy
Admin
Admin
‎2017-10-02 09:26 AM
In response to Vladimir
Jump to solution

In Gaia, various OS-level configuration files are maintained in a central configuration database.

You manipulate that database using the WebUI and clish, which in turn talks to confd, which updates the various configuration files periodically.

If you use a Linux command like chsh to change the shell, it only updates the OS configuration file, not the Gaia configuration.

As such, those changes are subject to get overwritten.

Eduardo_Aguila
Participant
‎2017-10-02 11:16 AM
In response to PhoneBoy
Jump to solution

I would like to understand what conditions would cause the changes in shell to be overridden.  I have not used the CLISH commands only the Linux chsh command haven't had an issue, yet.  Now I am a little concerned.

0 Kudos
PhoneBoy
Admin
Admin
‎2017-10-02 11:19 AM
In response to Eduardo_Aguila
Jump to solution

Two specific ones I can think of:

1. Anything you do in the Gaia WebUI around user accounts

2. A reboot (all config files are refreshed)

0 Kudos
Vladimir
Champion
Champion
‎2017-10-02 11:20 AM
In response to Eduardo_Aguila
Jump to solution

In my experience, managing on-premises appliances we've never had any issues with using chsh.

First time I have encountered it was connecting to AWS vSEC.

vlad@eversecgroup.com

+1.973.558.2738

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events