The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

snmpusm (1)
  • >> snmpusm (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • snmpusm (1) ( Разные man: Команды и прикладные программы пользовательского уровня )
  •  

    NAME

    snmpusm - create and maintain SNMPv3 users on a remote entity
     
    

    SYNOPSIS

    snmpusm [common options] AGENT create user [clonefrom-user]

    snmpusm [common options] AGENT delete user

    snmpusm [common options] AGENT cloneFrom user clonefrom-user

    snmpusm [common options] [-Co] [-Ca] [-Cx] AGENT passwd old-passphrase new-passphrase  

    DESCRIPTION

    The snmpusm utility is an SNMP application that can be used to do simple maintenance on an SNMP agent's User-based Security Module (USM) table. The user needs write access to the usmUserTable MIB table. You can create, delete, clone, and change the passphrase of users configured on a running SNMP agent.

    The SNMPv3 USM specifications (see RFC 3414) dictate that users are created and maintained by adding and modifying rows to the usmUserTable MIB table. To create a new user you simply create the row using snmpset(1M). User's profiles contain private keys that are never transmitted over the wire in clear text, regardless of whether the administration requests are encrypted.

    The secret key for a user is initially set by cloning another user in the table, so that a new user inherits the cloned user's secret key. A user can be cloned only once, however, after which they must be deleted and re-created to be re-cloned. The authentication and privacy security types are also inherited during this cloning (for example, MD5 vs. SHA1). To change the secret key for a user, you must know the user's old passphrase as well as the new one. The passwd subcommand of the snmpusm command requires both the new and the old passphrases be supplied. After cloning from the appropriate template, you should immediately change the new user's passphrase.

    The Net-SNMP agent must first be initialized so that at least one user is setup in it before you can use this command to clone new ones. See the snmpd.conf(4) manual page for a description of the createUser configuration parameter.

    Passphrases must be a minimum of eight characters in length.  

    OPTIONS

    See snmpcmd(1M) for a description of common options.  

    EXAMPLES

    Assume for our examples that the following VACM and USM configurations lines are in the snmpd.conf file for a Net-SNMP agent. These lines set up a default user named initial with the authentication passphrase setup_passphrase. Establishing these parameters enables the initial setup of an agent.

    # VACM configuration entries
    rwuser initial
    # The name of the new user that is going to be created
    rwuser wes
    # USM configuration entries
    createUser initial MD5 setup_passphrase DES
    

    Note that the initial user's setup should be removed after creating a real user to whom you grant administrative privileges. The real user is wes in this example.

    Example 1: Creating a New User

    The following command creates a new user, wes, which is cloned from initial. wes inherits that user's passphrase, setup_passphrase.

    # snmpusm -v3 -u initial -n "" -l authNoPriv -a MD5 -A setup_passphrase \
     localhost create wes initial
    

    Example 2: Changing the User's Passphrase

    After creating the user wes with the same passphrase as the user initial, we need to change his passphrase for wes. The following command changes it from setup_passphrase, which was inherited from initial, to new_passphrase.

    # snmpusm -v 3 -u wes -n "" -l authNoPriv -a MD5 -A setup_passphrase \
    localhost passwd setup_passphrase new_passphrase
    

    Example 3: Testing the New User

    If the preceding commands were successful, the following command should perform an authenticated SNMPv3 GET request to the agent.

    # snmpget -v 3 -u wes -n "" -l authNoPriv -a MD5 -A new_passphrase \
    localhost sysUpTime.0
    

    Following a successful test, remove the VACM group snmpd.conf entry for the user initial. At this point, you have a valid user wes that you can use for future transactions.  

    EXIT STATUS

    0

    Successful completion.

    1

    A usage syntax error. A usage message is displayed. Also used for timeout errors.

    2

    An error occurred while executing the command. An error message is displayed.

     

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE
    AvailabilitySUNWsmcmd
    Interface StabilityExternal

     

    SEE ALSO

    snmpcmd(1M), snmpset(1M), snmpd.conf(4), attributes(5)

    RFC 3414


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    EXAMPLES
    EXIT STATUS
    ATTRIBUTES
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру