On 5 January 2012 12:09, Kumar Sanjay-XJD784 <xjd...@motorolasolutions.com> wrote: > I have configure the snmpv3 user password for > authentication–SHA1 > and privacy-AES as “symbol123” > > But when I try to do the snmp operation with the password “symbol123” or > “symbol123symbol123” or “symbol123symbol123symbol123” > > I am able to do the snmpwalk/snmpset/snmpget.
That's correct - yes. > What could be the Reason for the above issue. Remember that the password is not used directly in authenticating or encrypting SNMPv3 messages. Rather, it is used to generate a localised key, based on the password and the relevant engineID. The algorithms for generating the localised key are given in Appendix A.2 of RFC 3414. If you look at the details of this, you'll see that the first step is to expand the password into a 1 Mb data block, by repeating it as many times as is necessary. The effect of this is to make a password of "abc" essentially equivalent to "abcabcabcabc...." The moral of this story, Oh Best Beloved, is to always use a strong (i.e. long) password, with no repetition. Dave ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
