how to use winscp for CheckPoint R77.30

[Flexible]

Dear all.

After upgrade R77.20 to R77.30, i found that i can not use winscp tool to connect the gateways with version R77.30
I also change shell bash again by chsh -s /bin/bash without help.


Any one can give any advice?

Thanks and Best Regards,
Flexible

[laf_c]

Can you share cat /etc/passwd | grep username_you_use_for_winscp

[Flexible]

Can you share cat /etc/passwd | grep username_you_use_for_winscp

Here you are

admin:x:0:0::/home/admin:/etc/cli.sh

[danjun]

Don't change your shell! Create a scpuser.

Code:

add user scpuser uid 2600 homedir /home/scpuser
set user scpuser shell /usr/bin/scponly
set user scpuser password
save config

Want more Check Point info?
Read our tech blog!

[laf_c]

Here you are

admin:x:0:0::/home/admin:/etc/cli.sh

I was not aware of a dedicated SCP user. Still if you want to use admin for SCP you should have /bin/bash on your admin passwd output.

On R77.20 Gaia I have succesfully used: set user admin shell /bin/bash

[Flexible]

Don't change your shell! Create a scpuser.

Code:

add user scpuser uid 2600 homedir /home/scpuser
set user scpuser shell /usr/bin/scponly
set user scpuser password
save config

Want more Check Point info?
Read our tech blog!

IT is working now. Thank you very much

[blason]

or simple one

run below command from expert mode

chsh -s /bin/bash admin

[jflemingeds]

or simple one

run below command from expert mode

chsh -s /bin/bash admin

That is only valid for splat. For Gaia you need to do it like this from clish (like laf_c said)

set user admin shell /bin/bash
save config

Technically you can edit using chsh, but if someone adds or does anything that triggers a passwd rebuild you'll lose the change.

[blason]

This possible in GAIA as well in expert mode. Agree you are in expert mode that means you are in splat mode.

[jflemingeds]

This possible in GAIA as well in expert mode. Agree you are in expert mode that means you are in splat mode.

There is no such thing as splat mode, its just a root shell. What i'm saying is you should not be doing edits to /etc/passwd (which is what chsh is doing) because anything you do in clish that modifies user info will rebuild /etc/passwd and you will lose your change. Here is an example. I go into expert, change the shell with chsh, then only change the password for admin. Notice how i just lost the chsh change?

That is why you should only be using clish or webui for changing user account info.


MGMTR7730> expert
Enter expert password:

Warning! All configuration should be done through clish
You are in expert mode now.

[Expert@MGMTR7730:0]# chsh -s /bin/bash admin
Changing shell for admin.
Shell changed.
[Expert@MGMTR7730:0]# egrep admin /etc/passwd
admin:x:0:0::/home/admin:/bin/bash
[Expert@MGMTR7730:0]# exit
exit
MGMTR7730> set user admin password
New password:
Verify new password:
MGMTR7730> save config
MGMTR7730> expert
Enter expert password:

Warning! All configuration should be done through clish
You are in expert mode now.

[Expert@MGMTR7730:0]# egrep admin /etc/passwd
admin:x:0:0::/home/admin:/etc/cli.sh

[security4it]

It is really simple. Just create a user in the GAIA GUI with bash as the default Shell.

No need to do all the other cli commands.