- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
All,
We’d like to setup a system where our MoveIT server will be able to pull our gateway config backups. Is there a way for us to create a Local account with only access /var/log/CPbackup/backups? If possible we would like restrict this account to only pull from the folder. Which roles would be required to do so if possible to do so?
Thanks,
Bill
First you'll want to create a scponly user.
Alternatively, could you write a script that scps files from /var/log/CPbackup/backups to your server and then crontab that script to run periodically?
Can this be isolated to /var/log/CPbackup/backups folder?
What you’re describing would be best achieved through use of a chroot jail.
While I’m not sure you can execute these exact steps on Gaia OS, this outlines the basic process.
Create the users and groups using standard Gaia OS commands using scponly shell.
https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY