Penguin
Recent Changes

SNMPUSM

SNMPUSM

NAME SYNOPSIS DESCRIPTION EXAMPLES SEE ALSO

NAME

snmpusm - creates and maintains SNMPv3 user's on a remote entity.

SYNOPSIS

snmpusm [ common arguments? create username [cloneFromUser? snmpusm [ common arguments? delete username snmpusm [ common arguments? cloneFrom username cloneFromUser snmpusm [ common arguments? passwd [-Co? [-Ca? [-Cx? old_passphrase new_passphrase

DESCRIPTION

Snmpusm is an SNMP application that can be used to do simple maintenance on a SNMP agent's User based Security Module (USM) table. You can create, delete, clone, and change the password of users configured on a running SNMP agent.

The SNMPv3 USM specifications (see RFC2574) dictate that users are created and maintained by adding and modifying rows to the usmUser MIB table. To create a new user you simply create the row using an snmpset. User's profiles contain private keys that are never transmitted over the wire in clear text (regardless of whether the administration requests are in encrypted or not).

The secret key for a user is initially set by cloning another user in the table, so that a new user inherits the cloned user's secret key. A user can only be cloned once, however, after which they must be deleted and re-created to be re-cloned. The authentication and privacy security types are also inherited during this cloning (E.G., MD5 vs SHA1). To change the secret key for a user, you must know the user's old passphrase as well as the new one. The passwd sub-command of the snmpusm command, therefore, requires both the new and the old password to be supplied. After cloning from the appropriate template, you should immediately change the new users password.

The ucd-snmp agent must first be initialized so that at least one user is setup in it before you can use this command to clone new ones. See the snmpd.conf(5)? manual page on the createUser configuration parameter.

EXAMPLES

Lets assume for our examples that the following VACM and USM configurations lines were in the snmpd.conf file for a ucd-snmp agent, which sets up a default user called

  1. VACM configuration entries

rwuser initial

  1. lets add the new user we'll create too:

rwuser wes

  1. USM configuration entries

createUser initial MD5 setup_password DES

Note: that the

Note: passwords (passphrases really) must be 8 characters minimum in length.

snmpusm -v 3 -u initial -n

Creates a new user, here named

snmpusm -v 3 -u wes -n

After creating the user

snmpget -v 3 -u wes -n

If the above commands were successful, this command should have properly performed an authenticated snmpv3 GET request to the agent.

Now, go remove the vacm

SEE ALSO

snmpd.conf(5)?, snmp.conf(5)?

This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.

lib/main.php:944: Notice: PageInfo: Cannot find action page

lib/main.php:839: Notice: PageInfo: Unknown action