WinSCP and FMC - Page 2

donald.heslop1 · ‎03-30-2020

Can anyone tell me how to get the rsa key file and the csr out of the FMC using WinSCP. I've seen so many video that show people using WinSCP to log into the FMC and get the .key and .csr file but they don't go into how WinSCP should be setup to get that to work.

Has anyone experience this problem with WinSCP?

Sudqi · ‎10-09-2024

Thanks for sharing this solution worked with me

Regards

jgustafzon · ‎04-03-2022

Hi, How can I transfer files to the FMC with WinSCP, I desperatly need to upgrade an old FMC and sensor but the GUI upload won't work. I can connect to the FMC with WinSCP and I located the updates folder in /Volume/6.1.0/sf/updates on the FMC but when I try to upload it just gives me scp: /Volume/6.1.0/sf/updates/Sourcefire_3D_Defense_Center_S3_Upgrade-6.2.3-113.sh: Permission denied. I can elivate to expert and sudo su in CLI. I can also download files from the FMC with WinSCP but in this case I want to upload the sensor and FMC 6.2.3 patch. This is an old 6.1.2.57 if that matters. Maybe trying to upload to /Volume/6.1.0/sf/updates is the wrong way to go about this?

Marvin Rhoads · ‎04-04-2022

When you connect to FMC with scp, use the root user (or temporarily chmod the target directory to allow write by all users).

alfred.thyri · ‎08-08-2022

You can also set the Shell inside the WinSCP session options to expert. With this option you can directly connect via WinSCP to FMC.

Gabriel Copil · ‎04-24-2020

LE, the below "solution" works only for FMC v.6.3.x and v.6.4.x

Unfortunately in v.6.5, the ability to disable the FMC CLI was deprecated, so the only possibility is to execute the scp command only directly in the FMC and use a remote SSH server to transfer files (Linux box or Open SSH for Windows).

For v.6.3 and 6.4, here is the solution for WinSCP's failure to connect with the error message:

Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).

You need to go in the GUI of the FMC, in System > Configuration > Console Configuration and disable the option "Enable CLI Access". Then press <Save> and try to logon with a ssh client (e.g. Putty) to the FMC management IP. If after you enter the password, you get directly the Linux shell prompt (e.g. admin@test-fmc-01:~$ ), then WinSCP should work correctly also.

If you still get the FMC CLI ( just the symbol ">" ), then make sure you've pressed the <Save> button (ask me how I know ;-))

After I've disabled this option, I could logon to the FMC v.6.4.0.8 with WinSCP, like expected.

You can read here about the option "Enable CLI Access": About the Firepower Management Center CLI

Fatjon.Celaj · ‎09-15-2020

Hi,

first connect in ssh then reach the expert mode:

Cisco Firepower Management Center for VMWare v6.6.0.1 (build 7)

> expert

as you can see from the follwing output the default cli has changed:

admin@fmc:~$ more /etc/passwd
root:x:0:0:Operator:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
mysql:x:27:27:MySQL:/var/lib/mysql:/sbin/nologin
nobody:x:99:99:nobody:/:/sbin/nologin
sshd:x:33:33:sshd:/:/sbin/nologin
www:x:67:67:HTTP server:/var/www:/sbin/nologin
sfrna:x:88:88:SF RNA User:/Volume/home/sfrna:/sbin/nologin
snorty:x:90:90:Snorty User:/Volume/home/snorty:/sbin/nologin
sfsnort:x:95:95:SF Snort User:/Volume/home/sfsnort:/sbin/nologin
sfremediation:x:103:103::/Volume/home/remediations:/sbin/nologin
admin:x:100:100::/Volume/home/admin:/usr/bin/clish
casuser:x:101:104:CiscoUser:/var/opt/CSCOpx:/sbin/nologin
lamplighter:x:110:110::/var/opt/lamplighter:/bin/sh
monetdb:x:111:111::/Volume/lib/monetdb:/sbin/nologin
fatjon:x:1000:201::/Volume/home/fatjon:/usr/bin/clish

you can modify the default cli of a user by using the following command:

admin@fmc:~$ sudo su

root@fmc:/Volume/home/admin$ usermod --shell /bin/bash admin

now you will be able to use winscp or an sftp client.

after you've finished remeber to rollback:

root@fmc:/Volume/home/admin# usermod --shell /usr/bin/clish admin

KR

f

Peter Koltl · ‎06-29-2023

Files in /var/common can be downloaded from GUI. System-->Monitor and select Active FMC and click on View System & Troubleshoot Details

gacs · ‎10-10-2024

I could use WinSCP both for uploading and downloading with the "admin" account.

Tricks:
- had to enter "expert" as shell command
- "sudo -S su" command was needed to upload.