[SNMP4J] SNMPv3 Key Localization (repost)
Frank Fock
fock at agentpp.com
Thu Dec 3 22:08:36 CET 2009
Hi Gary,
The example in the Wiki is indeed misleading. I have updated
it.
Regards,
Frank
Smith, Gary wrote:
> Hi Frank
>
>
>
> Sent this a few days back but have seen no response, it may well be that
> I just need to read up more on the topic but the sample code is in
> error:
>
>
>
> I'm a little confused by SNMPv3 Key Localization and your example:
>
>
>
> https://server.oosnmp.net/confluence/pages/viewpage.action?pageId=144180
> 0
>
>
>
> snmp.getUSM().addLocalizedUser(engineID, sharedUserName,
>
> AuthMD5.getID(), new OctetString("md5Passphrase"),
>
> PrivDES.getID(), new OctetString("desPassphrase"));
>
>
>
>
>
> In the example you call USM.addLocalizedUser(...) with OctetString
> passphrases for auth & priv but as I understand the method these should
> be byte[] passkeys. And, indeed, the sample code will not compile.
>
>
>
> These passphrases should be converted to passkeys. I'm assuming this
> should _not_ be by adding a simple getValue() (because how do I get
> passkeys if not from passphrases), so should I instead be using
>
>
>
> snmp.getUSM().addLocalizedUser(engineID, sharedUserName,
>
> AuthMD5.ID,
>
> SecurityProtocols.getInstance().
>
> passwordToKey(AuthMD5.ID,new OctetString("md5Passphrase"),
> engineID),
>
> PrivDES.ID,
>
> SecurityProtocols.getInstance().
>
> passwordToKey(PrivDES.ID,AuthMD5.ID,new
> OctetString("desPassphrase"), engineID));
>
>
>
>
>
> My usage scenario is essentially a poller where agents can possibly have
> duplicate usernames but that passphrases for the same username may be
> different per agent. (Maybe I shouldn't be thinking in terms of
> localised keys at all?)
>
>
>
>
>
> Regards
>
>
>
> Gary
>
>
>
> Please be advised that this email may contain confidential information.
> If you are not the intended recipient, please do not read, copy or
> re-transmit this email. If you have received this email in error,
> please notify us by email by replying to the sender and by telephone
> (call us collect at +1 202-828-0850) and delete this message and any
> attachments. Thank you in advance for your cooperation and assistance.
>
> In addition, Danaher and its subsidiaries disclaim that the content of
> this email constitutes an offer to enter into, or the acceptance of,
> any
> contract or agreement or any amendment thereto; provided that the
> foregoing disclaimer does not invalidate the binding effect of any
> digital or other electronic reproduction of a manual signature that is
> included in any attachment to this email.
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/snmp4j
--
AGENT++
http://www.agentpp.com
http://www.snmp4j.com
http://www.mibexplorer.com
http://www.mibdesigner.com
More information about the SNMP4J
mailing list