This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Bill_Ng
Collaborator
‎2020-09-17 06:38 AM

backing up configuration and pulling file to different location

All,

We’d like to setup a system where our MoveIT server will be able to pull our gateway config backups.  Is there a way for us to create a Local account with only access /var/log/CPbackup/backups?  If possible we would like restrict this account to only pull from the folder.  Which roles would be required to do so if possible to do so?

Thanks,

Bill

0 Kudos
4 Replies
Danny
Champion Champion
Champion
‎2020-09-17 06:41 AM

First you'll want to create a scponly user.

scottikon
Contributor
‎2020-09-17 08:50 AM
In response to Danny

Alternatively, could you write a script that scps files from /var/log/CPbackup/backups to your server and then crontab that script to run periodically?

Bill_Ng
Collaborator
‎2020-09-17 12:13 PM
In response to Danny

Can this be isolated to  /var/log/CPbackup/backups folder?

0 Kudos
PhoneBoy
Admin
Admin
‎2020-09-20 01:52 PM

What you’re describing would be best achieved through use of a chroot jail.
While I’m not sure you can execute these exact steps on Gaia OS, this outlines the basic process.
Create the users and groups using standard Gaia OS commands using scponly shell. 

https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top