English translations
This post was translated with the help of a translation tool. Therefore, occasional errors are possible. An error-free version is available in German
This page is also available in: Deutsch (German)
In this post we will show you how to decrypt and unpack the backup of the Sophos Firewall Backup and thus make the contents readable.
Normally it should not be necessary to decrypt the encrypted backup of the Sophos Firewall. However, there are cases where you would like to access the contents of the backup. In this article, I'll show you why we did this and how it works.
I recently had a case where I had to access the full backup. The firewall was defective and of course there was no "configuration backup" of the firewall. These backups are only made as required.
Due to time pressure, we had to put a smaller firewall into operation temporarily. It is well known that importing a backup of a firewall from more interfaces than the target hardware has is not possible. So we rebuilt a large part of it. What fun 🙄
Because things were already going well, things had to get worse:
The only way out here was the backup.
What is needed? I always like to use the Windows WSL for the shell. Here you have almost all Linux options directly under Windows. If you don't know it, you should definitely give it a try.
openssl enc -aes-256-cbc -md md5 -d -in encrypted_backup_file -out decryptec_backup.tar.gz
After entering it, you will be asked for the password for decryption. The decrypted backup is then saved under the specified file name (-out xxx.tar.gz). This is a "tar.gz" file. You unpack these with the tool of your choice.
In the unzipped folder you will find the certificates including the private key and the configuration. However, the configuration is difficult to read here as it is only contained in the database export as an SQL file. However, with a little knowledge of SQL, you can find your way around to extract the most important information.
Have fun trying it out. If you have any questions, please write in the comments.
This page is also available in: Deutsch (German)
Feel free to leave a comment and share your opinion! This helps us to improve the tools and drive further exciting developments
This page is also available in: Deutsch (German)
You're leaving the website
You are about to leave the website and are going to:
{fbExpr this.triggerElement.href}
Please make sure that you trust this website as we cannot be held responsible for external content.