Wednesday, August 22, 2012

GAiA tricks - mounting DVD

One more thing missing in GAiA is a DVD/CD mount point. If you try to run "mount /mnt/cdrom" on GAiA, you get an error, for two reasons:

1. There is no mount point.
2. fstab does not have a corresponding entry.

Let's make it work again.

1. Open fstab for editing with "vi /etc/fstab" and add the following line:

/dev/cdrom /mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0

2. Create the /mnt/cdrom folder to use as a mount point: mkdir /mnt/cdrom

Now you are ready to mount your DVD or CD on the machine.

Sunday, August 19, 2012

GAiA tricks - enabling sftp

GAiA is supposed to be a superior and generally better OS than SPLAT. In some aspects it is. But for someone used to working with SPLAT it may also be a hassle. A lot of things are done differently there. I am starting a series of posts on GAiA tricks.

Today let's make SFTP work.

If you have ever tried SFTP with GAiA, you know it does not work, for a very simple reason: it is disabled. To enable it, you have to do the following:

  1. Create a new user for SFTP access with bash as the default shell. Alternatively, change the admin shell to bash. If you do not know how to do that, check the chsh command.
  2. Enter Expert mode and open the sshd_config file for editing: vi /etc/ssh/sshd_config
  3. Uncomment the following line:
    #Subsystem sftp /usr/libexec/openssh/sftp-server
    and save the file.
  4. Run /etc/init.d/sshd restart

Now enjoy SFTP working again.
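
Steps 3 and 4 can also be scripted. This is an added example, not part of the original post or of Check Point's tooling: it makes the edit repeatable, keeps a backup, and checks the file with sshd's test mode before restarting. The function names and the /usr/sbin/sshd path are assumptions.

```shell
#!/bin/sh
# Added example: steps 3 and 4 of the procedure above as a repeatable edit.
# Assumption: sshd lives at /usr/sbin/sshd (override with SSHD_BIN).
SSHD_BIN="${SSHD_BIN:-/usr/sbin/sshd}"

# Uncomment the "Subsystem sftp" line in an sshd_config-style file.
# Returns 0 if the subsystem is enabled afterwards, 1 if the file has no such
# line (nothing is guessed or appended), 2 on file errors.
enable_sftp_subsystem() {
    conf="$1"
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }

    # Already active: leave the file and any earlier backup untouched.
    if grep -q '^[[:space:]]*Subsystem[[:space:]][[:space:]]*sftp[[:space:]]' "$conf"; then
        return 0
    fi
    if ! grep -q '^[[:space:]]*#[[:space:]]*Subsystem[[:space:]][[:space:]]*sftp[[:space:]]' "$conf"; then
        echo "no commented 'Subsystem sftp' line in $conf" >&2
        return 1
    fi

    # Keep a backup, then rewrite in place so owner and mode stay as they were.
    cp -p "$conf" "$conf.bak" || return 2
    sed 's/^[[:space:]]*#[[:space:]]*\(Subsystem[[:space:]][[:space:]]*sftp[[:space:]]\)/\1/' \
        "$conf.bak" > "$conf"
}

# Check the edited file with sshd's test mode (-t) before restarting, and put
# the backup back if it is rejected, so a bad edit cannot cost you SSH access.
validate_and_restart() {
    conf="$1"
    if "$SSHD_BIN" -t -f "$conf"; then
        /etc/init.d/sshd restart    # restart command from step 4
    else
        echo "sshd -t rejected $conf, restoring $conf.bak" >&2
        [ -f "$conf.bak" ] && cp -p "$conf.bak" "$conf"
        return 1
    fi
}

# Usage in Expert mode:
#   enable_sftp_subsystem /etc/ssh/sshd_config && validate_and_restart /etc/ssh/sshd_config
```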

Update: As Dameon D. Welch-Abernathy tells me on FB, there is an SK for that: SK82281

Update 2: After some rather intensive discussion in one of the LinkedIn groups, I have to make a clarification. SCP works on GAiA the same way it did on SPLAT. If you are using the WinSCP client, it tries SFTP but falls back to SCP if there is a problem. That means that, to transfer files with the WinSCP client, you only need to perform step 1 from above. With WinSCP it is not so different from SPLAT.

But if you are not using Windows and/or want to explicitly run SFTP and not SCP, you still have to perform the whole procedure.

Friday, August 17, 2012

Check Point User Group conference 2012 - come along!

The annual CPUG conference will start on the 17th of September. It is not yet too late to register, so hurry up and come along!

If you come, check out our intensive classes. I will be happy to see you on my Check Point Best Practices course.

See you there.

Friday, August 10, 2012

MDM R75.40 GAiA based - some gotchas

I have installed a new MDM server (a.k.a. Provider-1 MDS) today, and it is an R75.40 GAiA-based thing.

It was quite an interesting experience, considering this is the first GAiA version of MDM. There are some minor things you may want to know.

1. Idle timeout can only be set from WebUI. But even there, it does not seem to work. It did not work for me, although I might be doing something wrong.
2. mds commands are ONLY available from expert shell and not from CLISH. That is a shame, considering the timeout is not exactly OK.
3. That said, the first configuration and MDS roles are both done from WebUI now.
4. Expert password can only be saved if you set it in CLISH and then log off. If you just reboot, as I did, it is lost, and you have to define it again. Such an ugly bug.
5. SmartLog is complaining about not having enough space to start. It might be just my lab server, but I have an impression it reads free space on /opt wrongly.

Feel free to share your own experience.

Update: MDS commands are actually working from CLISH after reboot. What a relief...