Home > Cheatsheets > SNMPv3 users cheatsheet

SNMPv3 users cheatsheet

snmpcheatsheet
This post is for quick reference and it contains instructions about how to create several types of SNMPv3 users. Instructions is for the following types of users:

    simpleUser with no authentication and no privacy
    uMD5 with MD5 authentication and no privacy
    uSHA with SHA authentication and no privacy
    uMD5DES with MD5 authentication and DES privacy
    uSHADES with SHA authentication and DES privacy
    uMD5AES128 with MD5 authentication and AES128 privacy
    uSHAAES128 with SHA authentication and AES128 privacy

    Create SNMPv3 user simpleUser what will be allowed to access the SNMP server without the authentication and without privacy
    1) Create user simpleUser with password 11111111 (password is useless):

    net-snmp-config --create-snmpv3-user -ro -A "11111111" simpleUser

    2) Make this user with authentication and no privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uMD5

    to

    rouser uMD5 AuthNoPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u simpleUser 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uMD5 with password PMD51111 what will be allowed to access the SNMP server with authentication (password is hashed using MD5) and without privacy
    1) Create user uMD5 with password PMD51111 (hashed with MD5):

    net-snmp-config --create-snmpv3-user -ro -a MD5 -A "PMD51111" uMD5

    2) Make this user with authentication and no privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uMD5

    to

    rouser uMD5 AuthNoPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uMD5 -l AuthNoPriv -a MD5 -A PMD51111 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uSHA with password PSHA1111 what will be allowed to access the SNMP server with authentication (password is hashed using SHA) and without privacy
    1) Create user uSHA with password PSHA1111 (hashed with SHA):

    net-snmp-config --create-snmpv3-user -ro -a SHA -A "PSHA1111" uSHA

    2) Make this user with authentication and no privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uSHA

    to

    rouser uSHA AuthNoPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uSHA -l AuthNoPriv -a SHA -A PSHA1111 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uMD5DES with password PMD5DES1 what will be allowed to access the SNMP server with authentication (password is hashed using MD5) and privacy (DES encryption)
    1) Create user uMD5DES with password PMD5DES1 (hashed with MD5) with DES encryption:

    net-snmp-config --create-snmpv3-user -ro -x DES -a MD5 -A "PMD5DES1" -X PMD5DES1 uMD5DES

    2) Make this user with authentication and privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uMD5DES

    to

    rouser uMD5DES AuthPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uMD5DES -l AuthPriv -x DES -a MD5 -X PMD5DES1 -A PMD5DES1 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uSHADES with password PSHADES1 what will be allowed to access the SNMP server with authentication (password is hashed using SHA) and privacy (DES encryption)

    1) Create user uSHADES with password PSHADES1 (hashed with SHA) with DES encryption:

    net-snmp-config --create-snmpv3-user -ro -x DES -a SHA -A "PSHADES1" -X PSHADES1 uSHADES

    2) Make this user with authentication and privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uSHADES

    to

    rouser uSHADES AuthPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uSHADES -l AuthPriv -x DES -a SHA -X PSHADES1 -A PSHADES1 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uMD5AES128 with password PMD5AES128 what will be allowed to access the SNMP server with authentication (password is hashed using MD5) and privacy (AES128 encryption)

    1) Create user uMD5AES128 with password PMD5AES128 (hashed with MD5) with AES128 encryption:

    net-snmp-config --create-snmpv3-user -ro -x AES -a MD5 -A "PMD5AES128" -X PMD5AES128 uMD5AES128

    2) Make this user with authentication and privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uMD5AES128

    to

    rouser uMD5AES128 AuthPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uMD5AES128 -l AuthPriv -x AES -a MD5 -X PMD5AES128 -A PMD5AES128 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime.

    Create SNMPv3 user uSHAAES128 with password PSHAAES128 what will be allowed to access the SNMP server with authentication (password is hashed using SHA) and privacy (AES128 encryption)
    1) Create user uSHAAES128 with password PSHAAES128 (hashed with SHA) with AES128 encryption:

    net-snmp-config --create-snmpv3-user -ro -x AES -a SHA -A "PSHAAES128" -X PSHAAES128 uSHAAES128

    2) Make this user with authentication and privacy. For this is needed to edit the file /etc/snmp/snmpd.conf and change line:

    rouser uSHAAES128

    to

    rouser uSHAAES128 AuthPriv

    3) Restart the SNMP daemon and test this user:

    snmpget -v 3 -u uSHAAES128 -l AuthPriv -x AES -a SHA -X PSHAAES128 -A PSHAAES128 127.0.0.1 sysUpTime.0

    This will query SNMP server for the current system uptime

Cheatsheets

  1. No comments yet.
  1. No trackbacks yet.