Hi All,
I got the answer. RFC 3414 says
"
longer passwords with repetitive strings may result in exactly the
same key. For example, a password 'bertbert' will result in exactly
the same key as password 'bertbertbert'."
On Wed, Aug 15, 2018 at 5:29 PM, Pushpa Thimmaiah <
pushpa.thimma...@gmail.com> wrote:
>
>
> Hi All,
>
> I am using snmp-5.7.1 . I have noticed that key generated for passphrase
> which has repeated chars eg: aaaaaaaaaa, bbbbbbbb, kkkkkkkkk are same.
> This will result in illegal access.
>
> ---------------------------------------------------------------
>
> 1) Correct passwords <---- Expected behaviour
> snmpget -v 3 -u user1238k -a SHA -A kkkkkkkk -x AES -X kkkkkkkk -l
> authPriv 192.168.7.242 .1.3.6.1.2.1.1.3.0
> iso.3.6.1.2.1.1.3.0 = Timeticks: (10995) 0:01:49.95
>
> 2) private password 'kkkkkkkka' instead of kkkkkkkk (8k's)
> snmpget -v 3 -u user1238k -a SHA -A kkkkkkkk -x AES -X kkkkkkkka -l
> authPriv 192.168.7.242 .1.3.6.1.2.1.1.3.0
> Timeout: No Response from 192.168.7.242. <---- Expected behaviour
>
> 3) Use private password as (9k's) kkkkkkkkk instead of 8k's
> snmpget -v 3 -u user1238k -a SHA -A kkkkkkkk -x AES -X kkkkkkkkk -l
> authPriv 10.208.207.242 .1.3.6.1.2.1.1.3.0
> iso.3.6.1.2.1.1.3.0 = Timeticks: (16111) 0:02:41.11 <-----
> password is wrong but snmp-agent throws no err
>
> ---------------------------------------------------------------------
>
> I did checked persistent config file
>
> /var/lib/snmp/snmpd.conf
> ------------------------------------------
> createUser user1238k SHA kkkkkkkk AES kkkkkkkk <--------- Both Auth
> Phrase and priv phrase are (8k's ) kkkkkkkk
> usmUser 1 3 0x80001f88030023123445df "user1238k" "user1238k" NULL
> .1.3.6.1.6.3.10.1.1.3 0x4338baa9fc2e7b611ae644751c1aa6f4ca7ba6b4
> .1.3.6.1.6.3.10.1.2.4 0x4338baa9fc2e7b611ae644751c1aa6f4 ""
>
> createUser user22210k SHA kkkkkkk AES kkkkkkkkkk <--------- Auth
> Phrase (8k's ) kkkkkkkk and priv phrase (10k's) kkkkkkkkkkk
> usmUser 1 3 0x80001f88030023123445df "user22210k" "user22210k" NULL
> .1.3.6.1.6.3.10.1.1.3 0x4338baa9fc2e7b611ae644751c1aa6f4ca7ba6b4
> .1.3.6.1.6.3.10.1.2.4 0x4338baa9fc2e7b611ae644751c1aa6f4 ""
>
>
> How to resolve this issue? Is this bug?
>
>
> Thanks,
> Pushpa Thimmaiah
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
