SNMPv3 配置及snmpwalk命令信息获取 snmp v3安全级别有三种,分别为noAuthNoPriv(不认证也不加密)、authNoPriv(认证但是不加密)、authPriv(既认证又加密)
一、SNMPv3配置代码:
1 2 3 | snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included |
1)如果设置安全级别为authPriv
1 2 | snmp-server group READONLY v3 priv read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123 priv aes 128 myaes123 |
2)如果设置安全级别为authNoPriv
1 2 | snmp-server group READONLY v3 auth read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123 |
3)如果设置安全级别为noAuthNoPriv
1 2 | snmp-server group READONLY v3 noauth read MIB-2 snmp-server user admin READONLY v3 |
注意:上述密码设置长度必须大于等于八位,否则在linux上使用snmpwalk命令时,会报错提示
1 2 3 | Error: passphrase chosen is below the length requirements of the USM (min=8). snmpwalk: (The supplied password length is too short .) Error generating a key (Ku) from the supplied privacy pass phrase. |
其中sha可改成md5,
1 2 | md5 Use HMAC MD5 algorithm for authentication sha Use HMAC SHA algorithm for authentication |
aes可改成:3des,des。
1 2 3 | 3des Use 168 bit 3DES algorithm for encryption aes Use AES algorithm for encryption des Use 56 bit DES algorithm for encryption |
2、snmpwalk获取信息命令
1)安全级别为authPriv时,snmpwalk获取信息方式:
1 | snmpwalk -v 3 -u admin -l authPriv -a sha -A mypass123 -x aes -X myaes123 192.168.0.80 ".1.3.6.1.2.1" |
2)安全级别为authNoPriv时,snmpwalk获取信息方式:
1 | snmpwalk -v 3 -u admin -l authNoPriv -a sha -A mypass123 192.168.0.80 ".1.3.6.1.2.1" |
3)安全级别为noAuthNoPriv时,snmpwalk获取信息方式:
1 2 3 4 | snmpwalk -v 3 -u admin -l noAuthNoPriv 192.168.0.80 ".1.3.6.1.2.1" snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included |
1)如果设置安全级别为authPriv