So once it is compiled in, how do you add the Diffie-Hellman in createUser instruction in the snmpd.conf file?
-Simon On Wed, Sep 7, 2022 at 11:21 AM Wes Hardaker <harda...@users.sourceforge.net> wrote: > Craig Small via Net-snmp-coders <net-snmp-coders@lists.sourceforge.net> > writes: > > > My understanding is the only way of adding the key is with the snmpusm > > command. Except it doesn't work for me. > > snmpusm is used to change a key, but isn't really doing DH for each > transaction after that. It's still using a shared-secret. > > (D)TLS support is available, however, for using certificates instead > which is a more modern cryptographic mechanism. > > > $ snmpusm -v3 -u simon -l authPriv -a SHA1 -A simon-pass -x AES128 -X > simon-priv > > localhost changekey simon > > snmpusm: > > Can't get diffie-helman exchange from the agent > > (maybe it doesn't support the SNMP-USM-DH-OBJECTS-MIB MIB) > > That may have meant it wasn't complied in. Make sure the > snmp-usm-dh-objects-mib module is complied into the agent. > > -- > Wes Hardaker > Please mail all replies to net-snmp-coders@lists.sourceforge.net >
_______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
