This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JASPAL_SINGH
Contributor
‎2019-01-30 07:18 AM
Jump to solution

expert-password-hash

Could anyone please guide me like what is the use of command set expert-password-hash ?

Actually when I used this command I am not able to login via expert password that I set before applying this command.

0 Kudos
2 Solutions

Accepted Solutions
Pieter_van_Stok
Participant
‎2019-01-30 08:11 AM
Jump to solution

According to How to reset the Expert mode password in Gaia OS  it is used to reset the Expert mode password:

  1. Connect to the CLI on Gaia machine (over SSH or console).

  2. Log in to CLISH as an adminRole user (a user with monitorRole does not have sufficient permissions).

  3. Find the hash of the CLISH password:

    HostName:0> show configuration

    One line near the end will look similar to this:
    set user <USERNAME> password-hash $1$vCbd0F3d$FjawgvrKBN.4Ed27hTPpB0

  4. Set the hash of the CLISH password to be the hash of the Expert mode password

    HostName:0> set expert-password-hash <HASH_of_CLISH_PASSWORD>
    (in this case: set expert-password-hash $1$vCbd0F3d$FjawgvrKBN.4Ed27hTPpB0 )
  5. Save the configuration:
    HostName:0> save config
  6. Set new Expert mode password:
    HostName:0> set expert-password
  7. Save the configuration
    HostName:0> save config

So you don't use it AFTER you have set a password for Expert mode. 

View solution in original post

(1)
Wolfgang
Authority
Authority
‎2020-10-12 12:39 PM
In response to Abhishek_Singh1
Jump to solution

@Abhishek_Singh1 

follow How to reset Expert password on a Check Point SMB Appliance 

if central managed option 3. should be your choice.

Wolfgang

View solution in original post

11 Replies
Pieter_van_Stok
Participant
‎2019-01-30 08:11 AM
Jump to solution

According to How to reset the Expert mode password in Gaia OS  it is used to reset the Expert mode password:

  1. Connect to the CLI on Gaia machine (over SSH or console).

  2. Log in to CLISH as an adminRole user (a user with monitorRole does not have sufficient permissions).

  3. Find the hash of the CLISH password:

    HostName:0> show configuration

    One line near the end will look similar to this:
    set user <USERNAME> password-hash $1$vCbd0F3d$FjawgvrKBN.4Ed27hTPpB0

  4. Set the hash of the CLISH password to be the hash of the Expert mode password

    HostName:0> set expert-password-hash <HASH_of_CLISH_PASSWORD>
    (in this case: set expert-password-hash $1$vCbd0F3d$FjawgvrKBN.4Ed27hTPpB0 )
  5. Save the configuration:
    HostName:0> save config
  6. Set new Expert mode password:
    HostName:0> set expert-password
  7. Save the configuration
    HostName:0> save config

So you don't use it AFTER you have set a password for Expert mode. 

(1)
yashs
Employee Alumnus
Employee Alumnus
‎2022-09-16 03:29 AM
In response to Pieter_van_Stok
Jump to solution

Please find the updated command:

Connect to the CLI on Gaia machine (over SSH or console).

 

Log in to CLISH as an adminRole user (a user with monitorRole does not have sufficient permissions).

 

Find the hash of the CLISH password:

 

Site-1> show configuration

 

One line near the end will look similar to this:

Site-1> set user yash type admin password-hash $1$g9SZB3nC$1EN5xU1xMpPk5YLGGwXYb.

Set the hash of the CLISH password to be the hash of the Expert mode password

 

Site-1> set expert password-hash $1$g9SZB3nC$1EN5xU1xMpPk5YLGGwXYb.

(in this case: set expert password-hash $1$g9SZB3nC$1EN5xU1xMpPk5YLGGwXYb. )

Save the configuration:

 

Site-1> save config

 

Set new Expert mode password:

HostName:0> set expert-password

Save the configuration

 

Site-1> save config

 

0 Kudos
TINTIN8
Explorer
‎2024-07-18 11:43 PM
In response to yashs
Jump to solution

This worked!!! Thanks bunches!!

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-30 07:14 PM
Jump to solution

Much simpler way to generate the expert password hash: cp_openssl passwd -1

JASPAL_SINGH
Contributor
‎2019-01-31 04:42 AM
In response to PhoneBoy
Jump to solution

Thanks for the information. Smiley Happy

LuisSP
Collaborator
‎2019-03-04 03:37 PM
In response to PhoneBoy
Jump to solution

Is there something similar command on appliance 1490 ? 

0 Kudos
PhoneBoy
Admin
Admin
‎2019-03-04 09:36 PM
In response to LuisSP
Jump to solution

How to set a new Expert password on SMB appliances (600/700/1100/1200R/1400) 

0 Kudos
Abhishek_Singh1
Contributor
‎2020-10-12 12:12 PM
In response to PhoneBoy
Jump to solution

Hi @PhoneBoy 

 

I have an 1430 appliance running on R77.20 ... tried to reset the expert password with the mentioned command ( with user having admin role) but getting below error --

 

set expert-password-hash XXXXXXXXXXx
      ^
Bad parameter starting at 'expert-password-hash XXXXXX

 

Basically expert-password-hash is not an recognizable command on this appliance , anything else I can try ? 

 

0 Kudos
PhoneBoy
Admin
Admin
‎2020-10-12 12:18 PM
In response to Abhishek_Singh1
Jump to solution

The equivalent command on SMB appliances appears to be set expert password-hash

0 Kudos
Abhishek_Singh1
Contributor
‎2020-10-12 12:22 PM
In response to PhoneBoy
Jump to solution

but thats giving the below error -

"Setting expert password with hash
Expert password already set
Set expert password failed"

I need something to reset expert password 😞

0 Kudos
Wolfgang
Authority
Authority
‎2020-10-12 12:39 PM
In response to Abhishek_Singh1
Jump to solution

@Abhishek_Singh1 

follow How to reset Expert password on a Check Point SMB Appliance 

if central managed option 3. should be your choice.

Wolfgang

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events