WinSCP to FMC

Adding this for posterity as Cisco forum threads have a tendency to disappear. Thanks to Fatjon.Celaj for this information.

Whilst SSH’d into the FMC enter expert mode using the keyboard ‘expert’.
Run more or less on /etc/password to confirm what the default shell is for the admin user. (If this is what you’re using).

For example:
admin@fmc:~$ more /etc/passwd
root:x:0:0:Operator:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
mysql:x:27:27:MySQL:/var/lib/mysql:/sbin/nologin
nobody:x:99:99:nobody:/:/sbin/nologin
sshd:x:33:33:sshd:/:/sbin/nologin
www:x:67:67:HTTP server:/var/www:/sbin/nologin
sfrna:x:88:88:SF RNA User:/Volume/home/sfrna:/sbin/nologin
snorty:x:90:90:Snorty User:/Volume/home/snorty:/sbin/nologin
sfsnort:x:95:95:SF Snort User:/Volume/home/sfsnort:/sbin/nologin
sfremediation:x:103:103::/Volume/home/remediations:/sbin/nologin
admin:x:100:100::/Volume/home/admin:/usr/bin/clish
casuser:x:101:104:CiscoUser:/var/opt/CSCOpx:/sbin/nologin
lamplighter:x:110:110::/var/opt/lamplighter:/bin/sh
monetdb:x:111:111::/Volume/lib/monetdb:/sbin/nologin
fatjon:x:1000:201::/Volume/home/fatjon:/usr/bin/clish

Notice that the default shell is ‘clish’. If you’ve attempted to connect to the FMC using WinSCP with the protocol set to SCP, you’ll be presented with an error message about the shell type.

To change the shell type you need to switch to the root user by executing ‘sudo su‘.

Modify the admin’s shell to use Bash with the following

usermod –shell /bin/bash admin‘.

Now you’ll be able to use WinSCP. To revert it back use

usermod –shell /usr/bin/clish admin‘.

*** WARNING ***

Remember to change the shell type back before you log out. Otherwise you might not be able to get back in!

SecureCRT on Linux

TL;DR Using SecureCRT as my native terminal emulator for EVE-NG on Arch works.

To my surprise SecureCRT has a Linux installer. After following the instructions from the comments on the AUR for SecureCRT I managed to get it installed.

There was a few niggling things that I needed to do before I was able to settle in. First thing, use Firefox or any browser based on Firefox. When launching a console from inside EVE, Firefox prompt’s you to select an application. Find and select SecureCRT and set it as the default program. Whenever future console sessions are opened it automatically launches SecureCRT. When using Chrome it doesn’t give me that option, it attempts to launch it through whatever is configured in ‘eve-ng integration‘. I’ve tried setting it to SecureCRT, it would launch but wouldn’t connect. If anyone has any tips on fixing that please leave a comment.

The were two other annoyances I ran into. When launching a console it would open each session in a separate window. If you only want a single window with each session opening inside a tab, then you need to edit the ‘Single Instance’ command inside the Global.ini

The Global.ini on Arch is currently located in $HOME/.vandyke/SecureCRT/

You need to change:

D:”Single Instance”=00000000

To:

D:”Single Instance”=00000001

The other issue that I had was that the top menu bar was missing. This is needed if you ever need/want to access things like the Global options. I had to change the following from:

D:”Show Menu Bar”=00000000

To:

D:”Show Menu Bar”=00000001

This has been a really nice upgrade to my workflow. I’ve attached an image of what it looks like below.