Hi Bill,
I've tried by adding rwuser sukaturi priv manually to
/usr/local/share/snmp/snmpd.conf, it is giving me expected results.
Is there anyway (command) to get priv along with rwuser in
/usr/local/share/snmp/snmpd.conf without editing it mannually.
Thanks,
Suhasini.
On Tue, Jun 27, 2017 at 8:32 PM, Bill Fenner <fen...@gmail.com> wrote:
> On Tue, Jun 27, 2017 at 1:50 AM, Suhasini Katuri <
> katuri.suhas...@gmail.com> wrote:
>
>> Hi All,
>>
>> I've confgured a snmpv3 user with authentication of SHA and encryption of
>> AES and i tried to snmget on mib object of type sysuptime. As follows,
>>
>> i'm using centos and net-snmp version is 5.7.3,
>>
>> [root@centOs67-9 ~]# snmpd -v
>>
>>
>>
>> NET-SNMP version: 5.7.3
>>
>> Web: http://www.net-snmp.org/
>>
>> Email: net-snmp-cod...@lists.sourceforge.net
>>
>>
>> 1. Stop snmpd process
>>
>>
>> 2. Create snmpv3 user as follows
>>
>> [root@centOs67-9 ~]# net-snmp-config --create-snmpv3-user -a SHA -A
>> "my_password" -x AES -x "my_passwordx" sukaturi
>>
>> adding the following line to /var/net-snmp/snmpd.conf:
>>
>> createUser sukaturi SHA "my_password" AES my_passwordx
>>
>> adding the following line to /usr/local/share/snmp/snmpd.conf:
>>
>> rwuser sukaturi
>>
>> 3. Start snmpd process
>>
>> i.e [root@centOs67-9 ~]# /usr/local/sbin/snmpd
>>
>>
>>
>> Snmpd.conf consists of :
>>
>> /var/net-snmp/snmpd.conf:
>>
>>
>>
>> usmUser 1 3 0x80001f88804bacd0564aa3165900000000 "sukaturi" "sukaturi"
>> NULL .1.3.6.1.6.3.10.1.1.3 0x6a54643582b22e968088bf569181292a6d166a7a
>> .1.3.6.1.6.3.10.1.2.4 0xbae320f7db964cdc9fa9b82589b2cde8 ""
>>
>>
>>
>> Snmpget Operations:
>>
>> -----------------------------
>>
>> 1. User: sukaturi
>>
>> Type : authpriv
>>
>>
>> [root@centOs67-9 ~]# snmpget -v 3 -u sukaturi -l authPriv -a SHA -A
>> my_password -x AES -X my_passwordx localhost sysUpTime.0
>>
>> DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (55730) 0:09:17.30
>>
>>
>>
>> I've created snmpv3 user with auth and priv but when i tried to do
>> snmpget with authnopriv, it is accepting and giving results as follows,
>> but it generally need to throw a error like unsupported security level.
>>
>>
>> 2. User: sukaturi
>>
>> Type:authnopriv
>>
>>
>> [root@centOs67-9 ~]# snmpget -v 3 -u sukaturi -l authNoPriv -a SHA -A
>> my_password localhost sysUpTime.0
>>
>> DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (57122) 0:09:31.22
>>
>> [root@centOs67-9 ~]#
>>
>> This is existing with netsnmp versions of 5.7.2 and 5.7.3.
>>
>> does anybody know filed a bug for it?. I've searched in netsnmp.org
>> haven't find bug related to it.
>>
>> Can you guys please mention patch for it if bug is already filed for it.
>> Please can you guys mention the bug name for it.
>>
>>
> The documentation for the "rwuser" configuration option says that this is
> the behavior that it configures, so I would not call this a bug. If you
> want to force privacy, try "rwuser sukaturi priv".
>
> Bill
>
>
--
Thanks & Regards,
suhasini katuri
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
