[SNMP4J] SNMPv3 Key Localization

Smith, Gary Gary.Smith at flukenetworks.com
Thu Nov 26 10:54:15 CET 2009 

Hi Frank

 

I'm a little confused by SNMPv3 Key Localization and your example:

 

https://server.oosnmp.net/confluence/pages/viewpage.action?pageId=144180
0

 

snmp.getUSM().addLocalizedUser(engineID, sharedUserName,

    AuthMD5.getID(), new OctetString("md5Passphrase"),

    PrivDES.getID(), new OctetString("desPassphrase"));

 

 

In the example you call USM.addLocalizedUser(...) with OctetString
passphrases for auth & priv but as I understand the method these should
be byte[] passkeys.  And, indeed, the sample code will not compile.

 

These passphrases should be converted to passkeys.  I'm assuming this
should be by adding a simple getValue() (because how do I get passkeys
if not from passphrases), so should I instead be using

 

snmp.getUSM().addLocalizedUser(engineID, sharedUserName,

    AuthMD5.getID(), 

    SecurityProtocols.getInstance().

        passwordToKey(AuthMD5.getID(),new OctetString("md5Passphrase"),
engineID),

    PrivDES.getID(), 

    SecurityProtocols.getInstance().

        passwordToKey(PrivDES.getID(),AuthMD5.getID(),new
OctetString("desPassphrase"), engineID));

 

 

My usage scenario is essentially a poller where agents can possibly have
duplicate usernames but that passphrases for the same username may be
different per agent.  (Maybe I shouldn't be thinking in terms of
localised keys at all?)

 

 

Regards

 

Gary



Please be advised that this email may contain confidential information.
 If you are not the intended recipient, please do not read, copy or
re-transmit this email.  If you have received this email in error,
please notify us by email by replying to the sender and by telephone
(call us collect at +1 202-828-0850) and delete this message and any
attachments.  Thank you in advance for your cooperation and assistance.

In addition, Danaher and its subsidiaries disclaim that the content of
this email constitutes an offer to enter into, or the acceptance of, 
any
contract or agreement or any amendment thereto; provided that the
foregoing disclaimer does not invalidate the binding effect of any
digital or other electronic reproduction of a manual signature that is
included in any attachment to this email.

More information about the SNMP4J mailing list