Thanks Bill! Baron
On 8/24/12 2:00 PM, "Bill Fenner" <fen...@gmail.com> wrote: >On Fri, Aug 24, 2012 at 12:15 PM, Baron Roberts <brobe...@mobileiron.com> >wrote: >> Thanks for the help Bill! I assume that I can also use master keys in >> place of the localized keys. Also can I drop the engine ID? For example, >> is this valid: >> >> trapsess -v 3 -u bob -l authPriv -a MD5 -3m >> 526f5eed9fcce26f8964c2930787d82b -x DES -3M >> 526f5eed9fcce26f8964c2930787d82b 1.2.3.4:162 > >It should be valid, yes. I've never tried it. If that set of options >works for the command-line utilities against a similarly-configured >snmpd, then it should work on a trapsess configuration. > > Bill > >> On 8/24/12 4:58 AM, "Bill Fenner" <fen...@gmail.com> wrote: >> >>>On Fri, Aug 24, 2012 at 1:34 AM, Baron Roberts <brobe...@mobileiron.com> >>>wrote: >>>> Hi folks, >>>> >>>> I cannot find a definitive answer so perhaps someone on this list can >>>>help. >>>> I am configuring a v3 trap entry in /etc/snmp/snmpd.conf using >>>>trapsess. I >>>> see numerous examples where the authentication and privacy passwords >>>>are >>>> specified in clear text. This does not seem very secure so I was >>>>wondering >>>> if there is a mechanism for hashing the credentials? I found one >>>>posting >>>> that suggested using the createUser directive but the author indicated >>>>he >>>> had never tried it to confirm that it is a viable approach. Any >>>> clarification would be appreciated. >>> >>>You can specify the engine-ID, and the localized auth and priv >>>parameters: >>> >>>trapsess -v 3 -u bob -l authPriv -e 000000000000000000000002 -a MD5 >>>-3k 526f5eed9fcce26f8964c2930787d82b -x DES -3K >>>526f5eed9fcce26f8964c2930787d82b 1.2.3.4:162 >>> >>>I think the talk about using createUser is that once snmpd has >>>localized the user for you, you can copy the localized keys to the >>>trapsess line. All you need is the remote engineID and the user's >>>localized keys for that engineID. >>> >>> Bill >> >> >> >>------------------------------------------------------------------------- >>----- >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. >>Discussions >> will include endpoint security, mobile security and the latest in >>malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> Net-snmp-users mailing list >> Net-snmp-users@lists.sourceforge.net >> Please see the following page to unsubscribe or change other options: >> https://lists.sourceforge.net/lists/listinfo/net-snmp-users ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
