On Tue, Apr 22, 2025 at 8:28 AM Ari Rabinowitz wrote: > > Hi Lee, > > Thanks for the confirmation of what I've been seeing. I've even tried adding > "disableSNMPv3 yes" to the host.conf files for the hosts which don't do > SNMPv3, but it still doesn't work. > This is a sample of the host.conf files I've been trying: > defVersion 2c > defCommunity REDACTED > disableSNMPv3 yes > disableSNMPv2c no > > I have the feeling that once the configuration code sees any SNMPv3 > parameters it can't reset them all and stop looking for SNMPv3, but I haven't > looked at the source code to see. I'm afraid that this will end up being a > large change for the developers, if anyone has the time to look into it and > try to fix it.
I haven't looked at the code either but I can't imagine why putting defVersion 2c in a host.conf file would fail yet putting '-v 2c' on the command line would work. Other than a bug.. assuming the man page is correct.. Regards, Lee > On Mon, Apr 21, 2025 at 5:57 PM Lee wrote: >> >> On Mon, Apr 21, 2025 at 4: 09 PM Ari Rabinowitz wrote: > > Hi, > > I'm >> trying to set up SNMP monitoring of many of our devices. Since most of them >> support SNMPv3 I've set up the following in my /etc/snmp/snmp. conf: > >> defVersion >> ZjQcmQRYFpfptBannerStart >> This Message Is From an External Sender >> This message came from outside your organization. >> >> ZjQcmQRYFpfptBannerEnd >> >> On Mon, Apr 21, 2025 at 4:09 PM Ari Rabinowitz wrote: >> > >> > Hi, >> > >> > I'm trying to set up SNMP monitoring of many of our devices. Since most of >> > them support SNMPv3 I've set up the following in my /etc/snmp/snmp.conf: >> > defVersion 3 >> > defSecurityLevel authPriv >> > defAuthType SHA >> > defPrivType AES >> > defAuthPassphrase REDACTED >> > defPrivPassphrase REDACTED >> > defSecurityName USER >> > >> > I'm able to override the Version 3 parameters such as defSecurityLevel, >> > defAuthType and the passphrases for the devices which support SNMPv3 in >> > host specific configuration files in /etc/snmp/hosts/, but I can't find >> > any way to specify in a host-specific configuration that the host uses >> > version 2c or version 1. Is there any way to do that, if the general >> > default is version 3? >> >> There's supposed to be a way - man snmp.conf says >> For example, if you wanted a particular host to use SNMPv2c by >> default >> you could create a ˜/.snmp/hosts/NAME.conf file and in it put: >> >> defVersion 2c >> >> but it doesn't work for me >> >> $ cat ~/.snmp/librarysw.conf >> defVersion 2c >> >> $ head -1 ~/.snmp/snmp.conf >> defVersion 3 >> >> $ snmpwalk librarysw system >> snmpwalk: Unknown user name (Sub-id not found: (top) -> system) >> >> $ snmpwalk -v 2c librarysw system >> RFC1213-MIB::sysDescr.0 = STRING: "JetStream 24-Port Gigabit L2+ >> Managed Switch with 4 SFP Slots" >> RFC1213-MIB::sysObjectID.0 = OID: TPLINK-MIB::tplinkProducts.122 >> RFC1213-MIB::sysUpTime.0 = Timeticks: (1501667371) 173 days, 19:17:53.71 >> RFC1213-MIB::sysContact.0 = STRING: >> "https://urldefense.proofpoint.com/v2/url?u=http-3A__www.tp-2Dlink.com&d=DwIFaQ&c=009klHSCxuh5AI1vNQzSO0KGjl4nbi2Q0M1QLJX9BeE&r=7VDP4N-fj98QvYr9AY4iLJh3GBO-d7Oa-o-8TLGIA7c&m=MYTKeSiGnacxnJ8w3AdGzcCgA2JLnsgcQuQPMWbIKhdCvra1_bSjV7RkureXLW2s&s=vK-iWeKK8GncVMQdwBeD57n_nPEBXBcsmJztBro84so&e="; >> RFC1213-MIB::sysName.0 = STRING: "librarysw" >> RFC1213-MIB::sysLocation.0 = STRING: "Hong Kong" >> RFC1213-MIB::sysServices.0 = INTEGER: 3 >> >> hrmmm.. the man page says ˜/.snmp/hosts/NAME.conf so let's move the >> librarysw.conf file to .snmp/hosts/ and try again >> >> $ cat ~/.snmp/hosts/librarysw.conf >> defVersion 2c >> >> $ snmpwalk librarysw system >> snmpwalk: Unknown user name (Sub-id not found: (top) -> system) >> >> still no :( >> >> Regards >> Lee _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
