Re: Need Help on Snmpv3 AES issue

Tue, 27 Jun 2017 08:02:59 -0700 

On Tue, Jun 27, 2017 at 1:50 AM, Suhasini Katuri <katuri.suhas...@gmail.com>
wrote:

> Hi All,
>
> I've confgured a snmpv3 user with authentication of SHA and encryption of
> AES  and i tried to snmget on mib object of type sysuptime. As follows,
>
> i'm using centos and net-snmp version is 5.7.3,
>
> [root@centOs67-9 ~]# snmpd -v
>
>
>
> NET-SNMP version:  5.7.3
>
> Web:               http://www.net-snmp.org/
>
> Email:             net-snmp-cod...@lists.sourceforge.net
>
>
> 1. Stop snmpd process
>
>
> 2. Create snmpv3 user as follows
>
> [root@centOs67-9 ~]# net-snmp-config --create-snmpv3-user -a SHA -A
> "my_password" -x AES -x "my_passwordx" sukaturi
>
> adding the following line to /var/net-snmp/snmpd.conf:
>
>    createUser sukaturi SHA "my_password" AES my_passwordx
>
> adding the following line to /usr/local/share/snmp/snmpd.conf:
>
>    rwuser sukaturi
>
> 3. Start snmpd process
>
>     i.e [root@centOs67-9 ~]# /usr/local/sbin/snmpd
>
>
>
> Snmpd.conf  consists of :
>
> /var/net-snmp/snmpd.conf:
>
>
>
> usmUser 1 3 0x80001f88804bacd0564aa3165900000000 "sukaturi" "sukaturi"
> NULL .1.3.6.1.6.3.10.1.1.3 0x6a54643582b22e968088bf569181292a6d166a7a
> .1.3.6.1.6.3.10.1.2.4 0xbae320f7db964cdc9fa9b82589b2cde8 ""
>
>
>
> Snmpget Operations:
>
> -----------------------------
>
> 1.  User: sukaturi
>
>      Type : authpriv
>
>
> [root@centOs67-9 ~]# snmpget -v 3 -u sukaturi -l authPriv -a SHA -A
> my_password -x AES -X my_passwordx localhost sysUpTime.0
>
> DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (55730) 0:09:17.30
>
>
>
> I've created snmpv3 user with auth and priv but when i tried to do snmpget
> with  authnopriv, it is accepting and giving results as follows, but it
> generally need to throw a error like unsupported security level.
>
>
> 2. User: sukaturi
>
>      Type:authnopriv
>
>
> [root@centOs67-9 ~]# snmpget -v 3 -u sukaturi -l authNoPriv -a SHA -A
> my_password localhost sysUpTime.0
>
> DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (57122) 0:09:31.22
>
> [root@centOs67-9 ~]#
>
> This is existing with netsnmp versions of 5.7.2 and 5.7.3.
>
> does anybody know filed a bug for it?. I've searched in netsnmp.org
> haven't find bug related to it.
>
> Can you guys please mention patch for it if bug is already filed for it.
> Please can you guys mention the bug name for it.
>
>
The documentation for the "rwuser" configuration option says that this is
the behavior that it configures, so I would not call this a bug.  If you
want to force privacy, try "rwuser sukaturi priv".

  Bill

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to