On Mon, Jan 07, 2019 at 11:16:02PM -0800, Wes Hardaker via Net-snmp-coders wrote: > Madhusudhana R <madhusudhan...@in.abb.com> writes: > > > With Netsnmp v5.8 upgraded to my project (which was already working with > > v5.7.3), I am finding one > > problem which is as described below. > > > > An user is created in agent (which is netsnmp v5.8) > > How did you configure the access control of the agent? Specifically, if > you have a line like "rwuser NAME" in it, you MUST change it to "rwuser > NAME priv" to force encryption-only traffic. Otherwise the agent will > answer with both encrypted and unencrypted requests (but still > authenticated).
I suppose the default value of the access control is "auth", the man page didn't say what the effects of that was? I think this is a bad idea as a default since that works against the "secure by default" ideal - if someone want to loosen restrictions then they should have to ask for that. Now, I do appreciate that changing this might break the setup for some people but on the other hand it probably will close unintended holes for others. /MF _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
