Sto tentando di abilitare SNMP versione 3 con un solo utente pronto per l'uso su Mac OS X 10.8.5 in modo da poter monitorare da remoto lo stato del computer. Quando provo un snmpwalk locale, viene restituito questo messaggio:
No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)
Di seguito sono riportati i passaggi esatti che ho eseguito per arrivare a questo punto. Cosa mi manca? Cordiali saluti, il nome utente che sto usando è rouser con password 12345678
sudo snmpconf -i
crea /usr/share/snmp/snmpd.conf con autorizzazioni -rw-r--r-- 1 root staff 484 Sep 25 14:44 snmpd.conf e contiene:
# snmpd.conf
# - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rouser: a SNMPv3 read-only user
# arguments: user [noauth|auth|priv] [restriction_oid]
rouser rouser priv
crea utente:
sudo net-snmp-config --create-snmpv3-user -ro -a 12345678 -x 12345678 -X AES -A SHA rouser
che crea /var/db/net-snmp/snmpd.conf con autorizzazioni -rw-r--r-- 1 root wheel 46 Sep 25 14:44 snmpd.conf e contiene:
createUser rouser SHA "12345678" AES 12345678
questo comando aggiorna anche /usr/share/snmp/snmpd.conf a questa (ultima riga aggiunta):
# snmpd.conf
# - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rouser: a SNMPv3 read-only user
# arguments: user [noauth|auth|priv] [restriction_oid]
rouser rouser priv
rouser rouser
attiva SNMP:
sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
quel comando ha cambiato le autorizzazioni di /var/db/net-snmp/snmpd.conf in -rw------- 1 root wheel 1420 Sep 25 15:04 snmpd.conf e ha cambiato il suo contenuto in:
#
# net-snmp (or ucd-snmp) persistent data file.
#
############################################################################
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
#
# **** DO NOT EDIT THIS FILE ****
#
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
############################################################################
#
# DO NOT STORE CONFIGURATION ENTRIES HERE.
# Please save normal configuration tokens for snmpd in SNMPCONFPATH/snmpd.conf.
# Only "createUser" tokens should be placed here by snmpd administrators.
# (Did I mention: do not edit this file?)
#
usmUser 1 3 0x80001f888098ad4f304567245400000000 "rouser" "rouser" NULL .1.3.6.1.6.3.10.1.1.3 0x22051a77e41dc526caebc92dc387257482bcd$
setserialno 1673336648
##############################################################
#
# snmpNotifyFilterTable persistent data
#
##############################################################
##############################################################
#
# ifXTable persistent data
#
ifXTable .1 14:0 18:0x $
ifXTable .2 14:0 18:0x $
ifXTable .3 14:0 18:0x $
ifXTable .4 14:0 18:0x $
ifXTable .5 14:0 18:0x $
ifXTable .6 14:0 18:0x $
ifXTable .7 14:0 18:0x $
ifXTable .8 14:0 18:0x $
##############################################################
engineBoots 1
oldEngineID 0x80001f888098ad4f304567245400000000
prova a interrogare il sistema localmente:
snmpwalk -v 3 -u rouser -l authPriv -a MD5 -A 12345678 -x DES -X 12345678 localhost .1
che restituisce:
No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)
/var/log/snmpd.log:
/etc/snmp/snmpd.conf: line 61: Error: example config COMMUNITY not properly configured
/etc/snmp/snmpd.conf: line 62: Error: example config NETWORK not properly configured
net-snmp: 2 error(s) in config file(s)
NET-SNMP version 5.6
Authentication failed for rouser
Authentication failed for rouser
disabilita SNMP nel frattempo
sudo launchctl unload -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
Qualche idea? Grazie!