|
Home > |
|---|
Add a user who can use SNMP service. To enhance security, the authpassword and the privpassword should not be set to the same value. SNMP users created with this command are automatically configured for:
•read (GET/GET-NEXT/GET-BULK)
•write (SET) and
•notify (TRAP/INFORM) access to all MIB objects.
Note: It is not possible to modify the parameters for a configured user. You must use sysconf snmp user delete followed by sysconf snmp user add.
Note: If an ssh connection with a SafeNet Network HSM appliance is terminated while sysconf snmp user add command is in progress, it is not possible to reconnect immediately to re-run the command.
sysconf snmp user add -secname <secname> -authpassword <password> [-authprotocol <protocol>] -privpassword <password>
| Parameter | Shortcut | Description |
|---|---|---|
| -secName | -s | Specifies the security name. The name may be 1-to-31 characters; this is effectively the SNMPv3 term for "User name" |
| -authPassword | -authPa | Specifies the authentication password. The password may be 8-to-128 characters long (for better security, it should be different than the privpassword). |
| -authprotocol | -authPr |
Specifies the authentication protocol. Valid values: SHA Default: SHA |
| -privPassword | -privPa | Specifies the privacy password or encryption password. The password may be 8-to-128 characters (for better security, it should be different than authPassword). |
| -privProtocol | -privPr |
Specifies the privacy protocol. Valid values: AES Default: AES |
To create an SNMP user with the name "admin", issue the following command:
lunash:> sysconf snmp user add -secName admin -authPassword 12345678 -privPassword 87654321
An SNMP agent on the SafeNet host "myLuna1" can then be accessed by means of the Net-SNMP "snmpwalk utility, using a command like:
snmpwalk -v 3 -u admin -l authPriv -a SHA -A 12345678 -x AES -X 87654321 myLuna1 .1