The following instructions are based on Centos 5.5 + NET-SNMP 5.3.2.2
Create user
Create user guest_user whose password is "Pass0001" and shared key for encryption is "sharedkey001"
Put create user command into file /var/net-snmp/snmpd.conf, once snmpd restarted, the line will be deleted for security reason and the user will be created in usmUsertable
$cat /var/net-snmp/snmpd.conf createUser guest_user MD5 "Pass0001" DES "sharedkey001"Grant user permission to all OIDs (.1)
$ cat /etc/snmp/snmpd.conf
Restart snmpd##authuser read,write [-s secmodel] user [noauth|auth|priv [oid|-V view]]#auth=authentication no privacy (encryption)#priv=authentication plus privacy (encryption)authuser read -s usm guest_user priv .1
service snmpd restart
Test by snmpget
$snmpget -v 3 -u guest_user -l Priv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 sysName.0
NMPv2-MIB::sysName.0 = STRING: centos64.local.netList usersAdd user$ snmptable -v 3 -u guest_user -l Priv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 usmUsertableSNMP table: SNMP-USER-BASED-SM-MIB::usmUserTableguest_userDelete user#add user guest_user2 by cloning guest_user#The connecting user must be given write access (authuser read,write …. ) in order to add/delete users$snmpusm -v 3 -u guest_user -l Priv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 create guest_user2 guest_userUser successfully created$snmpusm -v 3 -u guest_user -l Priv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 delete me2Client configuration file snmp.conf You can put most command options in client config file: /etc/snmp/snmp.conf or ~/.snmp/snmp.conf$cat ~/.snmp/snmp.confdefVersion 3defSecurityName guest_userdefAuthType MD5defSecurityLevel authPrivdefAuthPassphrase Pass0001defPrivType DESdefPrivPassphrase sharedkey001#the long command can be simplified to$snmpget 192.168.56.31 sysName.0SNMPv2-MIB::sysName.0 = STRING: centos64.local.net
Posts
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.