>>>>> On Mon, 20 Sep 2004 15:55:57 -0700 (PDT), Latha Krishnamurthi <[EMAIL >>>>> PROTECTED]> said:
Latha> I have declared 2 users in the snmpd.conf file as rwuser. I Latha> have given the create user directive for the first user. I have Latha> enabled both authentication and encrypton. Started the master Latha> agent. During runtime I create the second user by cloning from Latha> the first user, change the keys for him and delete the first Latha> user from whom I cloned. I do all this using snmpusm. I keep Latha> changing the keys for the second user once in a while by Latha> executing snmpusm from a process. I supply the old key pair and Latha> the new key pair to snmpusm. In one such instance (after some Latha> successfull attempts), the master agent returns an Latha> authentication failure for both the authentication key and the Latha> encryption key. My feeling is that somehow the keys in my Latha> memory and the master agent's memory are gone out of sync. I am Latha> not sure why this happened. Is there a work around for this Latha> without restarting the master agent. Is there any snmpusm Latha> option with which I can reset the keys to some known value and Latha> then change them to what I want ?? I'm not sure from your description what might have gone wrong. It is important that you don't mistype the old or new passwords, as even if you do the keychange operation will happen and the keys will be changed (and if you mistype the old password, it'll change the key to something that you won't be able to recover from). Also, make sure that you shutdown the agent properly with a normal kill -TERM. If you had done a kill -9 it wouldn't have saved the user data and thus the user will likely still have an old password in the persistent storage. Options: 1) delete the user and recreate it cloning from something else again. 2) If you are running a 5.2 candidate (cvs or .pre1), it can support the diffie-helman MIB which allows you to negotiate a key between the snmpusm and the agent but it won't be based on a password (it'll look random). -- Wes Hardaker Sparta ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php _______________________________________________ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
