Hello, I'm using net-snmp 5.8 with version 3 support. I've noticed that
agents can authenticate messages with passwords by pattern only. What I
mean is, for example, if I create the user with password "aaaaaaaaaaaa"
(12 a's), that agent authenticates with password "aaaaaaaa" (8 a's).
I've tried it with Linux OS (OpenWRT and Ubuntu).
Here is how I create a sample SNMP server: /usr/sbin/snmpd -Lo -f -d -q
-Cc /snmpd.conf --noPersistentSave=1 --noPersistentLoad=1
My "snmpd.conf" file looks like this:
agentaddress udp:161
sysLocation location
sysContact em...@example.com
sysName name
exec filedescriptors /bin/cat /proc/sys/fs/file-nr
createUser agurkas MD5 "abcabcabcabcabcabcabcabcabcabcabcabc"
rouser agurkas auth
dlmod chilli /usr/lib/snmpd-mod/chilli.so
dlmod device /usr/lib/snmpd-mod/device.so
dlmod gps /usr/lib/snmpd-mod/gps.so
dlmod gsm /usr/lib/snmpd-mod/gsm.so
dlmod traps /usr/lib/snmpd-mod/traps.so
And authentication is succesful if I try "snmpwalk" command from other
endpoint:
snmpwalk -d -v3 -l authNoPriv -u agurkas -a MD5 -A abcabcabc 192.168.1.1
1.3.6.1.4.1.48690.1.2
This time the pattern is "abc", and it does not matter how many times
you repeat "abc", as long as it meets minimum password length. Did not
find any information online about this problem, maybe some
configurations are wrong?
--
Pagarbiai,
Linux programuotojas,
Tadas Ivanovas,
+37062691623
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
