snmp v3安全级别有三种,分别为noAuthNoPriv(不认证也不加密)、authNoPriv(认证但是不加密)、authPriv(既认证又加密)
一、SNMPv3配置代码:
snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included
1)如果设置安全级别为authPriv
snmp-server group READONLY v3 priv read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123 priv aes 128 myaes123
2)如果设置安全级别为authNoPriv
snmp-server group READONLY v3 auth read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123
3)如果设置安全级别为noAuthNoPriv
snmp-server group READONLY v3 noauth read MIB-2 snmp-server user admin READONLY v3
注意:上述密码设置长度必须大于等于八位,否则在linux上使用snmpwalk命令时,会报错提示
Error: passphrase chosen is below the length requirements of the USM (min=8). snmpwalk: (The supplied password length is too short.) Error generating a key (Ku) from the supplied privacy pass phrase.
其中sha可改成md5,
md5 Use HMAC MD5 algorithm for authentication sha Use HMAC SHA algorithm for authentication
aes可改成:3des,des。
3des Use 168 bit 3DES algorithm for encryption aes Use AES algorithm for encryption des Use 56 bit DES algorithm for encryption
2、snmpwalk获取信息命令
1)安全级别为authPriv时,snmpwalk获取信息方式:
snmpwalk -v 3 -u admin -l authPriv -a sha -A mypass123 -x aes -X myaes123 192.168.0.80 ".1.3.6.1.2.1"
2)安全级别为authNoPriv时,snmpwalk获取信息方式:
snmpwalk -v 3 -u admin -l authNoPriv -a sha -A mypass123 192.168.0.80 ".1.3.6.1.2.1"
3)安全级别为noAuthNoPriv时,snmpwalk获取信息方式:
snmpwalk -v 3 -u admin -l noAuthNoPriv 192.168.0.80 ".1.3.6.1.2.1" snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included
1)如果设置安全级别为authPriv
---------------------