Re: Does Net-SNMP support AES192 or AES256?

2018-04-10 Thread Simon Chamlian
Test results (omitted rwuser instruction for brevity): createUser user0 MD5 "authpw-00" Works createUser user1 MD5 "authpw-00" AES "default-00" Works createUser user2 MD5 "authpw-00" AES192 "default-00" FAILED createUser user2c MD5 "authpw-00" AES192C "default-00"

Re: Does Net-SNMP support AES192 or AES256?

2018-04-09 Thread Bill Fenner
On Mon, Apr 9, 2018 at 12:21 PM, Simon Chamlian wrote: > Hi , > > Thanks for the information Bill. So --with-transports="DTLSUDP" > --with-security-modules="tsm" are not required but simply > --enable-blumenthal-aes > > So I compiled the agent using the following

Re: Does Net-SNMP support AES192 or AES256?

2018-04-09 Thread Simon Chamlian
Hi , Thanks for the information Bill. So --with-transports="DTLSUDP" --with-security-modules="tsm" are not required but simply --enable-blumenthal-aes So I compiled the agent using the following configuration: ./configure --disable-embedded-perl --without-perl-modules

Re: Does Net-SNMP support AES192 or AES256?

2018-04-06 Thread Bill Fenner
Simon, The USM AES192 and AES256 support is based upon an Internet Draft, which never became a standard - therefore, you have to pass "--enable-blumenthal-aes" to ./configure. (You don't have to enable TSM or the TLS transports; that's a whole different kettle of fish.) Bill On Fri, Apr 6,

Re: Does Net-SNMP support AES192 or AES256?

2018-04-06 Thread Simon Chamlian
Thanks for the tip. I did compile with the following options: --disable-embedded-perl --without-perl-modules with_endianness=big --enable-mini-agent --with-default-snmp-version="3" --enable-ipv6 --disable-debugging --with-sys-contact="who@where"

Re: Does Net-SNMP support AES192 or AES256?

2018-04-05 Thread Keith Mendoza
Simon, Those options have to be enabled in the configure options. I suggest building with the following configure options: --with-transports="DTLSUDP" --with-security-modules="tsm" There might be other configure options that you need to make it work. Just note though that SNMPv3 RFC _does