Joan Landry <jolan...@adva.com> writes: > Would like to know if there is a way to make snmpd.conf file more > secure - as currently it shows the password for a usm user. > createUser v3user MD5 abcdefghij DES abcdefghij trapsess -r 10 -t 3 -l > authPriv -u v3user -a MD5 -A abcdefghij -x DES -X abcdefghij > 10.11.12.98
Per the documentation, a createUser line should *only* go into the persistent file (/var/net-snmp/snmpd.conf) and is replaced by the agent with a usmUser line after startup. The usmUser line is also sensitive, however, as it contains a private key that is at least localized to just that agent fortunately. That file is written by the process owner and should only be read by the process owner (typically root), and is the best that can be achieved given the need by the protocol to store localized keys. -- Wes Hardaker USC/ISI _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
