Discussion:
Implementation of Snmp v3 Authentication & Encryption using SSL
Tripathi Anoop-A18046
2006-07-18 08:36:03 UTC
Permalink
Hi

I have a doubt regarding how net-snmp implements encryption and
authentication (snmp v3 security) using SSL.

The keys used for encryption and authentication in SSL are derived
from a pre-master secret, which is distributed from client to server
using RSA certificates, or Diffi Helman Algorithm.
How will then one make of the user keys stored in the USM MIB (user
encryption & authentication keys for snmp v3 security model ) ?

If some body can clarify this, it would be great.

thanks and regards
anoop.
Dave Shield
2006-07-18 09:17:10 UTC
Permalink
Post by Tripathi Anoop-A18046
I have a doubt regarding how net-snmp implements encryption and
authentication (snmp v3 security) using SSL.
That's easy - it doesn't.
SNMPv3 does not use SSL - they are different security mechanisms.

The Net-SNMP library can make use of certain routines within the
OpenSSL library to calculate the SHA1 digest checksum, and perform DES
or AES encryption. But that's just a convenience to avoid having to
write code for these algorithms ourselves (and have to worry about all
the related export headaches!). There's no real connection between
SNMPv3 and SSL.

[That is correct, isn't it Wes?]
Post by Tripathi Anoop-A18046
How will then one make of the user keys stored in the USM MIB (user
encryption & authentication keys for snmp v3 security model ) ?
Please see the relevant RFCs and/or a good book on SNMPv3 for the details.

Dave

Loading...