Checkpoint: Change the Default Shell for “admin” in Gaia and SecurePlatform

This article details how to change the default shell for both Gaia and SecurePlatform (SPlat) systems.

SecurePlatform

In SecurePlatform, all we need to do is log in to expert mode and use the change shell command – chsh:

myfirewall > expert
Enter expert password:

myfirewall # chsh -s /bin/bash admin

Shell changed.

This permanently changes the shell and will survive a reboot.

Gaia

The above will also work in Gaia but will not survive a reboot – the shell will default back to clish. Doing a “cat” on /etc/shells in expert mode will show you what is available:

myfirewall> expert
Enter expert password:

Warning! All configuration should be done through clish
You are in expert mode now.

[Expert@myfirewall:0]# cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/scponly
/bin/tcsh
/bin/csh
/etc/cli.sh
[Expert@myfirewall:0]#

To effect the change we use the “set user” command in clish; in this example we will set it to the bash shell:

myfirewall> set user admin <tab to show options:>
force-password-change - Force the user to change their password
gid - User's group ID
homedir - User's home directory
info - DEPRECATED synonym for 'realname'
lock-out - Unlock a locked out user
newpass - User's new password
password - User's password
password-hash - User's password hash
realname - User's real name or other informative label
shell - User's login shell
uid - User's numeric user ID
myfirewall> set user admin shell /bin/bash
myfirewall> save config
myfirewall>

** Don’t forget the “save config” at the end!! **
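
To confirm which accounts now start in something other than clish after a change like this, the script below classifies each account's login shell against the /etc/shells list shown earlier. It is an added example, not part of the original article and not Check Point code. The function names and sample accounts are constructed for illustration, and it assumes the configured shell appears in the standard seven-field passwd format.

```shell
#!/bin/sh
# Added example: report each account's login shell and whether it is clish.
# Args: $1 = passwd-format file, $2 = file in /etc/shells format.
audit_login_shells() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ -n "$user" ] || continue                 # skip blank lines
        [ -n "$shell" ] || shell=/bin/sh           # empty field defaults to /bin/sh
        case $shell in
            /etc/cli.sh)   status=clish ;;
            /sbin/nologin) status=nologin ;;
            *)  # anything else skips clish; check that it is a listed shell
                if grep -qxF -- "$shell" "$2"; then
                    status=non-clish
                else
                    status=unlisted
                fi ;;
        esac
        printf '%s %s %s\n' "$user" "$shell" "$status"
    done < "$1"
}

# Constructed sample accounts (not taken from a real gateway).
sample_passwd() {
    cat <<'EOF'
admin:x:0:0::/home/admin:/bin/bash
monitor:x:102:100:Monitor:/home/monitor:/etc/cli.sh
scpuser:x:103:100::/home/scpuser:/usr/bin/scponly
svc:x:104:100::/home/svc:/sbin/nologin
legacy:x:105:100::/home/legacy:/bin/zsh
EOF
}

# Shell list as shown by "cat /etc/shells" in the article.
sample_shells() {
    cat <<'EOF'
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/scponly
/bin/tcsh
/bin/csh
/etc/cli.sh
EOF
}

tmp=$(mktemp -d)
sample_passwd > "$tmp/passwd"
sample_shells > "$tmp/shells"
audit_login_shells "$tmp/passwd" "$tmp/shells"
rm -rf "$tmp"
```

On a real system, pass /etc/passwd and /etc/shells as the two arguments from expert mode; rerunning it after a reboot shows whether the shell setting persisted.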

Checkpoint: Object Filler and Object Dumper (ofiller)

This article offers a download of Martin Hoz’s (Checkpoint SE) Ofiller tool and describes basic usage.

The package software can be downloaded here:

ofiller_v2.4.tgz

There is full documentation in the package but a quick look at page 53 of the manual yields the following:

odumper -f file [-p file] -o file [-d] [-html] [-v]
-f specifies the path to the objects (Objects_5_0.C or objects.C) file you want to process
-p specifies the path to the rulebases (rulebases_5_0.fws) file you want to process - Optional
-o specified the path to the output formatted file you want to have
-d tells the program to also print the default objects - Optional
-html formats the output to HTML (instead of default CSV format) - Optional
file is a valid filename - such as output.txt, output.html or objects.C
Required parameters: -f and -o

** Important ** – Run this on copies of the files and not against the files on the live firewall!

  • To dump objects only:

odumper -f copy_of_Objects_5_0.C -o my_objects.csv

  • To dump rules only:

odumper -p Copy_of_rulebases_5_0.fws -o my_rules.csv

  • To dump both rules and objects to the same file:

odumper -f copy_of_Objects_5_0.C -p Copy_of_rulebases_5_0.fws -o my_objects_and_rules.csv

Note: If you are dumping these to re-import on another management centre then dump rules and objects individually as per the first two examples.

Checkpoint: Recover Your Product Key for an Edge or Sofaware Safe@

This article describes how to recover a lost product key for the above devices as well as perform a quick diagnostic of your Edge or Safe@ device.

When you first receive your device, it is “dormant” and you are presented with a device initialisation screen where you enter your product key – this defines how many nodes or users you can have going through the gateway.

There are two ways to reset your box – one way will basically blank all your settings but the other way will stick the machine into complete factory default mode including reverting to the original firmware which came with the box uninitialised!

After 5 years I no longer had the product key, but all was not lost! I found this little gem – an undocumented test page under “/pub/test.html” – which showed that the current key was the “dormant” one, and the previous key for unlimited nodes was also there – total result.

All you need to do is enter https://my.firewall/pub/test.html and you get the screen below.

So now it’s happily functioning again, thanks to the undocumented page – verified with the latest firmware at the time of posting – 8.2.55x !!!
