J***@infineon.com
21 years ago
Hi All,
I have found some strange problem with SNMPUSM - I am not sure as
whether it could be a problem in my configuration!
I am using net-snmp ver 5.1 running on RedHat Linux 7.2 Kernel is 2.4.7
Here is the problem description:
I FIRST CREATE A DEFAULT SNMPv3 USER
--------------------------------------------------------------------
[***@localhost net-snmp-5.1]# net-snmp-config --create-snmpv3-user -a
subbi-v3-user -A MD5 v3user
CREATE ANOTHER USER USING SNMPUSM
---------------------------------------------------------------------
Now I run my snmpd and then using the SNMPUSM try to create another user
from the above created user. The user is successfully created as shown
from the output of the SNMPUSM command.
[***@localhost net-snmp-5.1]# snmpusm -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u v3user -x DES localhost create another-v3user
v3user
User successfully created.
QUERY THE MIB USING THE DEFAULT USER
-----------------------------------------------------------------------
I try to Query the mib using the default SNMPv3 user I am successful in
getting the MIB value as shown in the output of the SNMPGET command.
[***@localhost net-snmp-5.1]# snmpget -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u v3user -x DES localhost ifDescr.1
IF-MIB::ifDescr.1 = STRING: lo
QUERY THE MIB USING THE NEWLY CREATED USER
------------------------------------------------------------------------
-----------
I try to Query the mib using the newly created SNMPv3 user, which gives
an Authorization failure. (I also checked out with the defaultPassphrase
- doesn't work still)
[***@localhost net-snmp-5.1]# snmpget -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u another-v3user -x DES localhost ifDescr.1
Error in packet
Reason: authorizationError (access denied to that object)
NOW I TRIED CHANGING THE PASSWORD OF THE NEWLY CREATED USER
------------------------------------------------------------------------
----------------------------------------------
This fails and the short debug for usm is also enclosed!
[***@localhost net-snmp-5.1]# snmpusm -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u another-v3user -x DES -Dusm localhost -Ca passwd
subbi-v3-user another-v3-passwd
usm: getting user
usm: USM processing has begun (offset 22)
usm: getting user
usm: Failed to find engine data.
usm: USM processing completed.
usm: USM processing begun...
usm: USM processing completed.
usm: USM processing has begun (offset 119)
usm: getting user another-v3user
usm: USM processing completed.
usm: USM processing begun...
usm: Verification succeeded.
usm: USM processing completed.
Error in packet.
Reason: authorizationError (access denied to that object)
Anybody out there could help me out with this problem. Now the strange
thing is that whatever user I have added using SNMPUSM doesn't reflect
in my snmpd.conf! How can I ensure that the user created from SNMPUSM
has been added to the snmpd.conf file ?
Regards
Subbi
I have found some strange problem with SNMPUSM - I am not sure as
whether it could be a problem in my configuration!
I am using net-snmp ver 5.1 running on RedHat Linux 7.2 Kernel is 2.4.7
Here is the problem description:
I FIRST CREATE A DEFAULT SNMPv3 USER
--------------------------------------------------------------------
[***@localhost net-snmp-5.1]# net-snmp-config --create-snmpv3-user -a
subbi-v3-user -A MD5 v3user
CREATE ANOTHER USER USING SNMPUSM
---------------------------------------------------------------------
Now I run my snmpd and then using the SNMPUSM try to create another user
from the above created user. The user is successfully created as shown
from the output of the SNMPUSM command.
[***@localhost net-snmp-5.1]# snmpusm -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u v3user -x DES localhost create another-v3user
v3user
User successfully created.
QUERY THE MIB USING THE DEFAULT USER
-----------------------------------------------------------------------
I try to Query the mib using the default SNMPv3 user I am successful in
getting the MIB value as shown in the output of the SNMPGET command.
[***@localhost net-snmp-5.1]# snmpget -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u v3user -x DES localhost ifDescr.1
IF-MIB::ifDescr.1 = STRING: lo
QUERY THE MIB USING THE NEWLY CREATED USER
------------------------------------------------------------------------
-----------
I try to Query the mib using the newly created SNMPv3 user, which gives
an Authorization failure. (I also checked out with the defaultPassphrase
- doesn't work still)
[***@localhost net-snmp-5.1]# snmpget -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u another-v3user -x DES localhost ifDescr.1
Error in packet
Reason: authorizationError (access denied to that object)
NOW I TRIED CHANGING THE PASSWORD OF THE NEWLY CREATED USER
------------------------------------------------------------------------
----------------------------------------------
This fails and the short debug for usm is also enclosed!
[***@localhost net-snmp-5.1]# snmpusm -v 3 -a MD5 -A subbi-v3-user -l
authNoPriv -n "" -u another-v3user -x DES -Dusm localhost -Ca passwd
subbi-v3-user another-v3-passwd
usm: getting user
usm: USM processing has begun (offset 22)
usm: getting user
usm: Failed to find engine data.
usm: USM processing completed.
usm: USM processing begun...
usm: USM processing completed.
usm: USM processing has begun (offset 119)
usm: getting user another-v3user
usm: USM processing completed.
usm: USM processing begun...
usm: Verification succeeded.
usm: USM processing completed.
Error in packet.
Reason: authorizationError (access denied to that object)
Anybody out there could help me out with this problem. Now the strange
thing is that whatever user I have added using SNMPUSM doesn't reflect
in my snmpd.conf! How can I ensure that the user created from SNMPUSM
has been added to the snmpd.conf file ?
Regards
Subbi
...