Re: net-snmp 5.8 password encryption

Tue, 07 Jan 2020 04:23:40 -0800 

 Michael/Team,

 Can you please provide more information on the below, as I am newbie to snmp 
and net-snmp.

As you mentioned below I removed the user from snmpd.conf, after that snmpwalk 
fails with following error.
debugshell# snmpwalk -v3 -u u1 -a sha -A watchThis123 -l AuthPriv -x AES -X 
watchThis123 localhost iso
Error in packet.
Reason: authorizationError (access denied to that object)


Also cloneFrom fails with following error:
snmpusm localhost cloneFrom u1 u1 -x AES -A watchThis123 -X watchThis123 -l 
AuthPriv -a sha
snmpset: No securityName specified

so added -u option
debugshell# snmpusm localhost cloneFrom u1 u1 -u uma -x AES -A watchThis123 -X 
watchThis123 -l AuthPriv -a sha
User successfully cloned.

this time user is successfully cloned. But still password is not encrypted.

createUser u1 SHA watchThis123 AES watchThis123
group WAAS usm u1

Thanks,
Uma Mohandoss     On Friday, 20 December, 2019, 5:35:28 PM IST, Michael W. 
Lucas <mwlu...@michaelwlucas.com> wrote:  
 
 
The encrypted user is placed in the persistent data file.

You can remove this line from snmpd.conf after the user is created,
and use snmpusm to clone it for new accounts.

==ml


On Fri, Dec 20, 2019 at 05:31:09AM +0000, Uma Mohandoss via Net-snmp-users 
wrote:
> Hi, 
> 
> Net-snmp 5.8, user creation does not encrypt password. Password stored in 
> plain text under /etc/snmp/snmpd.conf.
> 
> Eg. (snippet from snmpd.conf)
> createUser    u1  SHA  watchThis123  AES watchThis123
> group COMMON usm u1
> 
> Need help/patch to encrypt password.
> 
> Thanks,
> Uma Mohandoss
> 
> 
> _______________________________________________
> Net-snmp-users mailing list
> Net-snmp-users@lists.sourceforge.net
> Please see the following page to unsubscribe or change other options:
> https://lists.sourceforge.net/lists/listinfo/net-snmp-users

-- 
Michael W. Lucas     https://mwl.io/
author of: Absolute OpenBSD, SSH Mastery, git commit murder,
Immortal Clay, PGP & GPG, Absolute FreeBSD, etc, etc, etc...
  
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users






















					Reply via email to