Hello,
I'm trying to configure net-snmp to have an snmpv3 user that can only access
the net-snmp server from localhost. My goal is to create a user with access
only to the usmUserTable from localhost that will only be used for creating
other users or changing the auth or priv keys of other users.
I have the following in snmpd.conf, but my user can still access net-snmp from
another host on my network. I do not want to enable snmp v1 or v2 at all, so I
don't have any rocommunity or rwcommunity lines. I tried adding one for testing
purposes and it didn't change the behavior.
createUser testuser SHA [password] AES [password]
com2sec testcom localhost private
group testgroup usm testuser
view test_view included usmUserTable
access testgroup "" usm priv exact test_view test_view none
The following command on localhost works as I would like:
#snmpusm localhost create atestUser
User successfully created.
However, if I run this command from any other system, I would expect for it to
fail, but instead, the new user is created. Is there any way to restrict an
snmpv3 user so that they can only talk to net-snmp from localhost?
Thank you.
------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
