3Com S7906E Command Reference Manual page 2134

cipher: Specifies that auth-password and priv-password are cipher text passwords, which can be
calculated by using the snmp-agent calculate-password command.
authentication-mode: Specifies the security model to be authentication. MD5 is faster than SHA, while
SHA provides a higher security than MD5.
md5: Specifies the authentication protocol as MD5.
sha: Specifies the authentication protocol as SHA-1.
auth-password: Authentication password. If the cipher keyword is not specified, auth-password
indicates a plain text password, which is a string of 1 to 64 visible characters. If the cipher keyword is
specified, auth-password indicates a cipher text password. If the md5 keyword is specified,
auth-password is a string of 32 hexadecimal characters. If the sha keyword is specified, auth-password
is a string of 40 hexadecimal characters.
privacy-mode:Specifies the security model to be privacy. The three encryption algorithms AES, DES
are in descending order in terms of security. Higher security means more complex implementation
mechanism and lower speed. DES is enough to meet general requirements.
des56: Specifies the privacy protocol to be data encryption standard (DES).
aes128: Specifies the privacy protocol to be advanced encryption standard (AES).
priv-password: The privacy password. If the cipher keyword is not specified, priv-password indicates a
plain text password, which is a string of 1 to 64 characters; if the cipher keyword is specified,
priv-password indicates a cipher text password.if the aes128 keyword is specified, priv-password is a
string of 40 hexadecimal characters; if the des56 keyword is specified, priv-password is a string of 40
hexadecimal characters.
acl acl-number: Associates a basic ACL with the user. acl-number is in the range 2000 to 2999. By
using a basic ACL, you can restrict the source IP address of SNMP packets, that is, you can configure to
allow or prohibit SNMP packets with a specific source IP address, so as to allow or prohibit the specified
NMS to access the agent by using this user name.
local: Represents a local SNMP entity user.
engineid engineid-string: The engine ID string, an even number of hexadecimal characters, in the
range 10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.
Description
Use the snmp-agent usm-user v3 command to add a user to an SNMP group.
Use the undo snmp-agent usm-user v3 command to delete a user from an SNMP group.
The user name configured by using this command is applicable to the SNMPv3 networking
environments, If the agent and the NMS use SNMPv3 packets to communicate with each other, you
need to create an SNMPv3 user.
To make the configured user valid, create an SNMP group first. Configure the authentication and
encryption modes when you create a group, and configure the authentication and encryption
passwords when you create a user.
If you specify the cipher keyword, the system considers the arguments auth-password and
priv-password as cipher text passwords. In this case, the command supports copy and paste,
meaning if the engine IDs of the two devices are the same, you can copy and paste the SNMPv3
configuration commands in the configuration file on device A to device B and execute the
commands on device B. The cipher text password and plain text password on the two devices are
the same.
1-29