sysconf snmp user add

Add a user who can use SNMP service. To enhance security, the authpassword and the privpassword should not be set to the same value. SNMP users created with this command are automatically configured for:

>Read (GET/GET-NEXT/GET-BULK) access to all MIB objects.

>Write (SET) access to all MIB objects.

>Notify (TRAP/INFORM) access to all MIB objects.

It is not possible to modify the parameters for a configured user. You must use sysconf snmp user delete followed by sysconf snmp user add.

NOTE   If an SSH connection with a SafeNet Luna Network HSM appliance is terminated while the sysconf snmp user add command is in progress, it is not possible to reconnect immediately to re-run the command.

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

sysconf snmp user add -secname <secname> -authpassword <password> -authprotocol <protocol> -privpassword <password> -privprotocol <protocol>

Argument(s) Shortcut Description
-secname <secname> -s Specifies the security name. The name may be 1-to-31 characters; this is effectively the SNMPv3 term for "User name"
-authpassword <password> -authpa Specifies the authentication password. The password may be 8-to-128 characters long (for better security, it should be different than the privpassword).
-authprotocol <protocol> -authpr

Specifies the authentication protocol.

Valid values: SHA

Default: SHA

-privpassword <password> -privpa Specifies the privacy password or encryption password. The password may be 8-to-128 characters (for better security, it should be different than the password specified for authpassword).
-privprotocol <protocol> -privpr

Specifies the privacy protocol.

Valid values: AES

Default: AES

Example

To create an SNMP user with the name "admin", issue the following command:

lunash:>sysconf snmp user add -secname admin -authpassword authPa$$w0rd -authprotocol SHA -privpassword privPa$$w0rd -privprotocol AES
 
SNMP user account "admin" added
 
Command Result : 0 (Success)
 

An SNMP agent on the SafeNet host "myLuna1" can then be accessed by means of the Net-SNMP snmpwalk utility, using a command like:

snmpwalk -v 3 -u admin -l authPriv -a SHA -A authPa$$w0rd -x AES -X privPa$$w0rd myLuna1 .1