Table of Contents
Advertisement
privacy-protocol
privacy-secret-type
privacy-secret
Guidelines
The snmp-cred command adds SNMP V3 credentials for this account. Each
account can have multiple SNMP V3 credentials, one for each SNMP V3 engine
that is identified by an engine-ID value.
Note: The current implementation supports an SNMP V3 credential for the local
The secret for authentication and for privacy can be defined either as a password
(passphrase), which will be hashed and localized with the engine ID or can be
defined as a localized hexadecimal key.
Examples
v Creates SNMP V3 credentials for this account on the appliance with
v Creates SNMP V3 credentials for this account on the remote machine with the
724
Command Reference
You can use colons (:) between each two hexadecimal characters.
Identifies which privacy (encryption) protocol to use.
none
The account has no privacy key.
des
(Default) The account uses CBC-DES as the privacy protocol.
aes
The account uses CFB128-AES-128 as the privacy protocol.
Indicates whether the privacy secret is a password or a fully localized key.
This parameter is required when the value for privacy-protocol is des or aes.
password
The privacy secret is a password that will be converted to an
intermediate key with a standardized algorithm, and then localized
against the engine ID value.
key
The privacy secret is a fully localized key. Specifying a fully
localized key is useful when the key was initially created on
another system.
Specifies the secret, or key, for privacy (encryption) for this account. This
parameter is required when the value for privacy-protocol is des or aes.
v If a password, specify a plaintext password that is at least eight
characters long.
v If a key and HMAC-MD5 is the authentication protocol, specify the
hexadecimal representation of a 16-byte key.
v If a key and HMAC-SHA-96 is the authentication protocol, specify the
hexadecimal representation of a 20-byte key.
You can use colons (:) between each two hexadecimal characters.
engine ID only. Therefore, there can be only one SNMP V3 credential for
each account.
HMAC-MD5-96 as the authentication algorithm, and DES-CBC as the privacy
algorithm. The password aBigSecret will be converted to a localized
authentication key, and the password aDifferentSecret will be converted to a
localized encryption key.
snmp-cred 0 md5 password aBigSecret des password aDifferentSecret
engine ID 000000000000000000000002, with HMAC-MD5-96 as the authentication
Advertisement
Table of Contents
