HelloTadas Ivanovas,
Yes there is a pattern repetition involved here - but it is not a
problem - you just have to think carefully what you choose.
This just works exactly as it was designed in the SNMP Specifications,
you can find the details about that here:
https://tools.ietf.org/html/rfc3414#appendix-A.2.1
Kind regards
Bernd Eilers
On 7/13/20 2:58 PM, Tadas Ivanovas wrote:
Hello, I'm using net-snmp 5.8 with version 3 support. I've noticed
that agents can authenticate messages with passwords by pattern only.
What I mean is, for example, if I create the user with password
"aaaaaaaaaaaa" (12 a's), that agent authenticates with password
"aaaaaaaa" (8 a's). I've tried it with Linux OS (OpenWRT and Ubuntu).
Here is how I create a sample SNMP server: /usr/sbin/snmpd -Lo -f -d
-q -Cc /snmpd.conf --noPersistentSave=1 --noPersistentLoad=1
My "snmpd.conf" file looks like this:
agentaddress udp:161
sysLocation location
sysContact em...@example.com
sysName name
exec filedescriptors /bin/cat /proc/sys/fs/file-nr
createUser agurkas MD5 "abcabcabcabcabcabcabcabcabcabcabcabc"
rouser agurkas auth
dlmod chilli /usr/lib/snmpd-mod/chilli.so
dlmod device /usr/lib/snmpd-mod/device.so
dlmod gps /usr/lib/snmpd-mod/gps.so
dlmod gsm /usr/lib/snmpd-mod/gsm.so
dlmod traps /usr/lib/snmpd-mod/traps.so
And authentication is succesful if I try "snmpwalk" command from other
endpoint:
snmpwalk -d -v3 -l authNoPriv -u agurkas -a MD5 -A abcabcabc
192.168.1.1 1.3.6.1.4.1.48690.1.2
This time the pattern is "abc", and it does not matter how many times
you repeat "abc", as long as it meets minimum password length. Did not
find any information online about this problem, maybe some
configurations are wrong?
--
Signature
Mit freundlichen Grüßen | with kind regards
i.A. Bernd Eilers
Fr. Meyer's Sohn (GmbH & Co.) KG
Grüner Deich 19
20097 Hamburg | Germany
Tel.: +49 40 2393 1468
Fax: +49 40 2393 2468
E-Mail: bernd.eil...@fms-logistics.com
<mailto:bernd.eil...@fms-logistics.com>
Internet: www.fms-logistics.com <http://www.fms-logistics.com>
Wir arbeiten ausschließlich auf Grundlage der Allgemeinen Deutschen
Spediteurbedingungen 2017 (ADSp 2017). Die ADSp 2017 beschränken in
Ziffer 23 die gesetzliche Haftung für Güterschäden, die nach der
gesetzlichen Regelung in § 431 HGB auf 8,33 SZR/kg beschränkt ist,
weiter auf 1,25 Mio. € je Schadenfall bzw. 2,5 Mio. € je Schadenereignis
oder auf 2 SZR/kg, je nachdem, welcher Betrag höher ist. Bei
multimodalen Transporten unter Einschluss einer Seebeförderung ist die
Haftungsgrenze generell 2 SZR/kg. Die ADSp sind auf unserer Website
(https://www.fms-logistics.com/agb) abrufbar und werden auf Verlangen
übersandt. Wir haben die Speditionshaftungsversicherung bei W. Droege &
Co. GmbH. & Co. KG gezeichnet.
Unter https://www.fms-logistics.com/datenschutz können Sie unsere
Informationen zum Datenschutz einsehen.
Our services are governed exclusively by the Allgemeine Deutsche
Spediteurbedingungen 2017 (ADSp 2017) (German Freight Forwarders'
General Terms and Conditions 2017). As stated in clause 23 of the ADSp
2017, the statutory liability, which is limited in Section 431 of the
German Commercial Code (HGB) to 8,33 Special Drawing Rights per kilogram
(SDR/kg), is further limited to a maximum of € 1,25 million per claim or
to € 2,5 million per event or to 2 SDR/kg, whichever sum is higher. In
the case of a multimodal transport which includes sea carriage the
maximum liability is in general 2 SDR/kg. The ADSp are available on our
website (https://www.fms-logistics.com/en/general-terms-and-conditions)
and can be obtained from the company on request. Our forwarder liability
insurance is covered at W. Droege & Co. GmbH. & Co. KG.
Under https://www.fms-logistics.com/en/privacy-statement you can find
more information about our data privacy principles.
Gerichtsstand/place of jurisdiction: Hamburg. Handelsregister/commercial
register: Hamburg HRA 41917. Rechtsform/legal form:
Kommanditgesellschaft/Limited Partnership. Persönlich haftende
Gesellschafter/general partner: Speditionsgesellschaft Fr. Meyer's Sohn
mbH. Handelsregister/commercial register: Hamburg HRB 17990.
Geschäftsführer/managing directors: Dominik Lucius, Heiko Voigt
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users