So once it is compiled in, how do you add the Diffie-Hellman in
createUser instruction
in the snmpd.conf file?
-Simon
On Wed, Sep 7, 2022 at 11:21 AM Wes Hardaker
wrote:
> Craig Small via Net-snmp-coders
> writes:
>
> > My understanding is the only way of adding the key is with the snmpusm
>
Craig Small writes:
> The 5.9.3 release fixes several security issues. Could someone confirm if
> it
> was only the following two patches that fixed it, or give me a list of the
> patches if not?
I think those two patches look right, but I'm not sure I'd promise those
were the only critical
Craig Small via Net-snmp-coders
writes:
> My understanding is the only way of adding the key is with the snmpusm
> command. Except it doesn't work for me.
snmpusm is used to change a key, but isn't really doing DH for each
transaction after that. It's still using a shared-secret.
(D)TLS
Feroz writes:
> On net-snmp 5.8, with the following configuration in snmpd.conf file, which
> version of SHA (i.e SHA1/SHA-192/SHA-256/SHA-284/SHA-512) is used?
>
> createUser feroz SHA feroz123 AES feroz123
> rwuser feroz priv
If you specify SHA generically, that's an alias for SHA1.
Abhishek Singh writes:
> 1. The issue was existing snmpv3 details were not updated in the net-snmp
> cache.
> Used clear_user_list() to clear users details. The patch is in attachments. Is
> this the correct way to go forward?
If you're always trying to re-create users that patch may work.
>
