Home How to Checkpoint FW GAIA – remote admin/expert password reset

Checkpoint FW GAIA – remote admin/expert password reset

by admin

Checkpoint FW GAIA – remote admin/expert password reset

Check Point Gaia is the next generation Secure Operating System for all Check Point Appliances, Open Servers and Virtualized Gateways. Gaia combines the best features from IPSO and SecurePlatform (SPLAT) into a single unified OS providing greater efficiency and robust performance. By upgrading to Gaia, customers will benefit from improved appliance connection capacity and reduced operating costs. With Gaia, IP Appliance customers will gain the ability to leverage the full breadth and power of all Check Point Software Blades.

Sometimes you need to reset your admin or expert password in GAIA and you do not have physical access to the machine. Follow procedure below  to reset passwords remotely from management (of course there must be SIC established before your GW and management you will issue commands from):

1. Switch to the context of the involved Domain that manages your Security Gateway:

[Expert@HostName]# mdsenv <Domain_Name>

 

2. Generate hash for new password – run the following command and save the generated hash string:

[Expert@HostName]# /sbin/grub-md5-crypt  

 

3. Ensure that the Clish database is unlocked on the remote Security Gateway:

[Expert@HostName]# $CPDIR/bin/cprid_util -server <IP_of_Gateway> -verbose rexec -rcmd /bin/clish -s -c 'set config-lock on override'  

 

4. Change the admin user password:

[Expert@HostName]# $CPDIR/bin/cprid_util -server <IP_of_Gateway> -verbose rexec -rcmd /bin/clish -s -c 'set user admin password-hash <Password_Hash_from_Step_2>'

 

5. You can also change the Expert password:

[Expert@HostName]# $CPDIR/bin/cprid_util -server <IP_of_Gateway> -verbose rexec -rcmd /bin/clish -s -c 'set expert-password-hash <Password_Hash_from_Step_2>'

 

READ ALSO:  How to install Fail2Ban on the Raspberry Pi/Unix server

You may also like

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept

Privacy & Cookies Policy