WinSCP to FMC

Adding this for posterity as Cisco forum threads have a tendency to disappear. Thanks to Fatjon.Celaj for this information.

Whilst SSH’d into the FMC enter expert mode using the keyboard ‘expert’.
Run more or less on /etc/password to confirm what the default shell is for the admin user. (If this is what you’re using).

For example:
admin@fmc:~$ more /etc/passwd
root:x:0:0:Operator:/root:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
mysql:x:27:27:MySQL:/var/lib/mysql:/sbin/nologin
nobody:x:99:99:nobody:/:/sbin/nologin
sshd:x:33:33:sshd:/:/sbin/nologin
www:x:67:67:HTTP server:/var/www:/sbin/nologin
sfrna:x:88:88:SF RNA User:/Volume/home/sfrna:/sbin/nologin
snorty:x:90:90:Snorty User:/Volume/home/snorty:/sbin/nologin
sfsnort:x:95:95:SF Snort User:/Volume/home/sfsnort:/sbin/nologin
sfremediation:x:103:103::/Volume/home/remediations:/sbin/nologin
admin:x:100:100::/Volume/home/admin:/usr/bin/clish
casuser:x:101:104:CiscoUser:/var/opt/CSCOpx:/sbin/nologin
lamplighter:x:110:110::/var/opt/lamplighter:/bin/sh
monetdb:x:111:111::/Volume/lib/monetdb:/sbin/nologin
fatjon:x:1000:201::/Volume/home/fatjon:/usr/bin/clish

Notice that the default shell is ‘clish’. If you’ve attempted to connect to the FMC using WinSCP with the protocol set to SCP, you’ll be presented with an error message about the shell type.

To change the shell type you need to switch to the root user by executing ‘sudo su‘.

Modify the admin’s shell to use Bash with the following

usermod –shell /bin/bash admin‘.

Now you’ll be able to use WinSCP. To revert it back use

usermod –shell /usr/bin/clish admin‘.

Leave a Reply

Your email address will not be published. Required fields are marked *