Craig Small via Net-snmp-coders <net-snmp-coders@lists.sourceforge.net> writes:
> My understanding is the only way of adding the key is with the snmpusm > command. Except it doesn't work for me. snmpusm is used to change a key, but isn't really doing DH for each transaction after that. It's still using a shared-secret. (D)TLS support is available, however, for using certificates instead which is a more modern cryptographic mechanism. > $ snmpusm -v3 -u simon -l authPriv -a SHA1 -A simon-pass -x AES128 -X > simon-priv > localhost changekey simon > snmpusm: > Can't get diffie-helman exchange from the agent > (maybe it doesn't support the SNMP-USM-DH-OBJECTS-MIB MIB) That may have meant it wasn't complied in. Make sure the snmp-usm-dh-objects-mib module is complied into the agent. -- Wes Hardaker Please mail all replies to net-snmp-coders@lists.sourceforge.net _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
