I am using Net-SNMP 5.3.0.1 and I noticed that I can clone a user from a
template user with security level authpriv and start using it immediately, with
the template user pass phrases. This seems to be against the RFC 3414 (Section
5), which requests the usmUserStatus of a cloned user to remain in "notReady"
until the keys are changed:
"usmUserStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The status of this conceptual row.
Until instances of all corresponding columns are appropriately configured, the
value of the corresponding instance of the usmUserStatus column is 'notReady'.
In particular, a newly created row for a user who employs authentication,
cannot be made active until the corresponding usmUserCloneFrom and
usmUserAuthKeyChange have been set.
Further, a newly created row for a user who also employs privacy, cannot be
made active until the usmUserPrivKeyChange has been set."
Is this a bug from Net-SNMP? Any idea of how to solve it?
Thanks,
Gabriel
-- Gabriel Sebastián del Blanco
-- Motorola Software Group
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
