sysconf snmp user add
Add a user who can use SNMP service. To enhance security, the authpassword and the privpassword should not be set to the same value. SNMP users created with this command are automatically configured for:
>Read (GET/GET-NEXT/GET-BULK) access to all MIB objects.
>Write (SET) access to all MIB objects.
>Notify (TRAP/INFORM) access to all MIB objects.
It is not possible to modify the parameters for a configured user. You must use sysconf snmp user delete followed by sysconf snmp user add.
NOTE If an SSH connection with a SafeNet Luna Network HSM appliance is terminated while the sysconf snmp user add command is in progress, it is not possible to reconnect immediately to re-run the command.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
sysconf snmp user add -secname <secname> -authpassword <password> -authprotocol <protocol> -privpassword <password> -privprotocol <protocol>
| Argument(s) | Shortcut | Description |
|---|---|---|
| -secname <secname> | -s | Specifies the security name. The name may be 1-to-31 characters; this is effectively the SNMPv3 term for "User name" |
| -authpassword <password> | -authpa | Specifies the authentication password. The password may be 8-to-128 characters long (for better security, it should be different than the privpassword). |
| -authprotocol <protocol> | -authpr |
Specifies the authentication protocol. Valid values: SHA Default: SHA |
| -privpassword <password> | -privpa | Specifies the privacy password or encryption password. The password may be 8-to-128 characters (for better security, it should be different than the password specified for authpassword). |
| -privprotocol <protocol> | -privpr |
Specifies the privacy protocol. Valid values: AES Default: AES |
Example
To create an SNMP user with the name "admin", issue the following command:
lunash:>sysconf snmp user add -secname admin -authpassword authPa$$w0rd -authprotocol SHA -privpassword privPa$$w0rd -privprotocol AES SNMP user account "admin" added Command Result : 0 (Success)
An SNMP agent on the SafeNet host "myLuna1" can then be accessed by means of the Net-SNMP snmpwalk utility, using a command like:
snmpwalk -v 3 -u admin -l authPriv -a SHA -A authPa$$w0rd -x AES -X privPa$$w0rd myLuna1 .1
