Hi, Please see my comments inline in your mail below (Red color). The following
are the o/p of commands I executed. ********************************************************** SNMP gets for user (admin): # snmpget -v 3 -u admin -a SHA -A
1b86f231bebe46020cd5ff6d4f9ae7b29eeeb1ae -x AES -X
bebe46020cd5ff6d4f9ae7b29eeeb1ae -l authPriv 10.201.114.135 system.sysUpTime.0 SNMPv2-MIB: sysUpTime.0 = Timeticks: (1100758) 3:03:27.58 # snmpget -v 3 -u admin -a SHA -A
1b86f231bebe46020cd5ff6d4f9ae7b29eeeb1ae -x AES -X
bebe46020cd5ff6d4f9ae7b29eeeb1ae -l authPriv 10.201.114.135 usmDHParameters.0 SNMP-USM-DH-OBJECTS-MIB::usmDHParameters.0 = Hex-STRING: 30 66 02 61 00
FF FF FF FF FF FF FF FF C9 0F DA A2 21 68 C2 34 C4 C6 62 8B 80 DC 1C D1 29 02 4E 08 8A 67 CC 74 02 0B BE A6 3B 13 9B 22 51 4A 08 79 8E 34 04 DD EF 95 19 B3 CD 3A 43 1B 30 2B 0A 6D F2 5F 14 37 4F E1 35 6D 6D 51 C2 45 E4 85 B5 76 62 5E 7E C6 F4 4C 42 E9 A6 3A 36 20 FF FF FF FF FF FF FF FF 02 01 02 ********************************************************** Changing the DH Key for user (admin): # snmpusm -v 3 -u admin -a SHA -A
1b86f231bebe46020cd5ff6d4f9ae7b29eeeb1ae -x AES -X
bebe46020cd5ff6d4f9ae7b29eeeb1ae -l authPriv 10.201.114.135 -Ca -Cx changekey
admin new auth key: 0x3032e6580e5eacfec63e8cdc8029162f2323fbec new priv key: 0x588c9b2ed297b752048b9517c36195ab SNMPv3 Key(s) successfully changed. SNMP get on using new keys: # snmpget -v 3 -u admin -a SHA -A
3032e6580e5eacfec63e8cdc8029162f2323fbec -x AES -X
588c9b2ed297b752048b9517c36195ab -l authPriv 10.201.114.135 usmDHParameters.0 snmpget: Authentication failure (incorrect password, community or key) SNMP get using same old original keys:
(Of course, this query should fail) snmpget -v 3 -u admin -a SHA -A
1b86f231bebe46020cd5ff6d4f9ae7b29eeeb1ae -x AES -X
bebe46020cd5ff6d4f9ae7b29eeeb1ae -l authPriv 10.201.114.135 usmDHParameters.0 snmpget: Authentication failure (incorrect password, community or key) Thanks Mahesh -----Original Message----- >>>>> On Wed, 10 May 2006 16:54:18 +0530,
<[EMAIL PROTECTED]> said: kanakamahesh> I changed DH keys with snmpusm and I tried snmpgets
with kanakamahesh> new auth/priv keys. But I did not get any results for kanakamahesh> any MIB? Were the new snmpgets immediate before you stopped the agent? I know it works, because I've done it... Mahesh> New snmpgets are immediate after
keys change before snmpd exits. If you're creating new users and changing their keys, you have to give them access control rights too... Mahesh> I did not create new users; I
changed keys for existing user only. If this is for a user that is already working before hand (IE, snmpget works, then snmpusm dh, then snmpget fails) then something is definitely odd... The hard part is debugging it. kanakamahesh> Anything configuration changes required from snmpd
side, kanakamahesh> in order for new auth/priv keys to work? Nope, it should just work assuming you have access rights too... How are you specifying the new keys for the new snmpget? -- Wes Hardaker Sparta, Inc. ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services,
security? Get stuff done quickly with pre-integrated technology to make your job
easier Download IBM WebSphere Application Server v.1.0.1 based on Apache
Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users |
- RE: snmpusm + changekey (DH Keys) kanakamahesh.anasuri
- RE: snmpusm + changekey (DH Keys) kanakamahesh.anasuri