Checkpoint IPSO Password reset

Posted on November 12, 2010

0



We got a new Nokia Firewall I tried to login and the default username ‘admin’ with the default password ‘Password’ did not work.
What comes in this case: Password Recovery. Checkpoint has already imported the Solution from Nokia Support, this is:

sk41239 – How do I change the admin password when it is lost or unknown?
As always it is not as easy as dokumented, I have run into some problem and was not able to follow the official dokumantation.
Here is what I did.

1. I rebooted the device and followed the instructions:

100% of the system memory tested OK 

Press ESC key twice to skip memory test
2,146,041,856 bytes of system memory tested OK
Starting bootmgr
Loading boot manager..

Boot manager loaded.
Entering autoboot mode.
Type any character to enter command mode.
BOOTMGR[1]>
BOOTMGR[2]> boot -s

Nov 11 08:36:48 init: /etc/spwd.db: No such file or directory
Enter pathname of shell or RETURN for sh:
.: Can’t open /opt/uf/SurfControl/scripts/envset
# /etc/overpw
This program is used to set a temporary admin password when you have
lost the configured password. You must have booted the machine into
single user mode to run it. The configured password will be changed.
Please change the temporary password as soon as you log on to your
system through voyager.

Please enter password for user admin: <Here comes the new password> – Password complexity is not checked!
Please re-enter password for confirmation: <Here comes the new password> – Password complexity is not checked!
Continue? [n] y

Admin password changed. You may enter ^D to continue booting.
THIS IS A TEMPORARY PASSWORD CHANGE.
PLEASE USE VOYAGER TO CREATE A PERMENANT PASSWORD FOR THE USER ADMIN.
# ^swapon: adding /dev/wd0b as swap device

IPSO (Nokia.com) (ttyd0)

This system is for authorized use only.

login: admin

2. I tried to change the password (I did not managed as described in SK)

Password:
Nokia[admin]# dbpasswd admin newpassword “”
Error: Password is not complex enough; try mixing more different kinds of characters (upper case, lower case, digits, and punctuation).

I have tried to change and save the password from CLISH:

Nokia[admin]# clish
NokiaIP290:2> set user admin newpass
NokiaIP290:3> save config
NokiaIP290:4>

3. Quick test if the new password works

Nokia[admin]# reboot
Nov 11 09:41:57 Nokia [LOG_CRIT] reboot: rebooted by admin 

IPSO (Nokia.com) (ttyd0)

This system is for authorized use only.

login: admin
Password:

After reboot I can login :-)

Advertisements
Posted in: Checkpoint, IPSO