A common question I get from customers is how to securely copy files to and from a SPlat box. Most people assume that because SSH is enabled that SCP and SFTP are enabled as well.
SCP is available on SPlat, but does not work “out of the box.” The SSH build used on SPlat requires that a special file be created. In that file, you must include the names of the accounts that you wish to allow SCP access. The name of the file is ‘scphosts’ and it is put in the ‘/etc’ directory. This is covered in article sk26258, but I find that quite a few customers forget to check the Check Point Knowledge Base. If you happen to be new to ‘SCP’ take a look at sk26286 for some examples.
To get this setup quickly, SSH to a SPlat box and use the text below:
echo [name of account]>>/etc/scpusers *Note the ‘>>’ will create or append an existing file*
So to enable the default account ‘admin’ you would use:
Each additional account must be on its own line, but the ‘>>’ will take care of that.