snmp v3安全級別有三種,分別為noAuthNoPriv(不認證也不加密)、authNoPriv(認證但是不加密)、authPriv(既認證又加密)
一、SNMPv3配置代碼:
snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included
1)如果設置安全級別為authPriv
snmp-server group READONLY v3 priv read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123 priv aes 128 myaes123
2)如果設置安全級別為authNoPriv
snmp-server group READONLY v3 auth read MIB-2 snmp-server user admin READONLY v3 auth sha mypass123
3)如果設置安全級別為noAuthNoPriv
snmp-server group READONLY v3 noauth read MIB-2 snmp-server user admin READONLY v3
注意:上述密碼設置長度必須大於等於八位,否則在linux上使用snmpwalk命令時,會報錯提示
Error: passphrase chosen is below the length requirements of the USM (min=8). snmpwalk: (The supplied password length is too short.) Error generating a key (Ku) from the supplied privacy pass phrase.
其中sha可改成md5,
md5 Use HMAC MD5 algorithm for authentication sha Use HMAC SHA algorithm for authentication
aes可改成:3des,des。
3des Use 168 bit 3DES algorithm for encryption aes Use AES algorithm for encryption des Use 56 bit DES algorithm for encryption
2、snmpwalk獲取信息命令
1)安全級別為authPriv時,snmpwalk獲取信息方式:
snmpwalk -v 3 -u admin -l authPriv -a sha -A mypass123 -x aes -X myaes123 192.168.0.80 ".1.3.6.1.2.1"
2)安全級別為authNoPriv時,snmpwalk獲取信息方式:
snmpwalk -v 3 -u admin -l authNoPriv -a sha -A mypass123 192.168.0.80 ".1.3.6.1.2.1"
3)安全級別為noAuthNoPriv時,snmpwalk獲取信息方式:
snmpwalk -v 3 -u admin -l noAuthNoPriv 192.168.0.80 ".1.3.6.1.2.1" snmp-server contact zhangsan snmp-server location chengdu snmp-server view MIB-2 mib-2 included
1)如果設置安全級別為authPriv
---------------------