[SNMP4J] Cannot change the snmp password remotely

Frank Fock fock at agentpp.com
Thu Apr 18 09:16:46 CEST 2013 

Hi,

I guess you are mixing local and remote engine ID, but I am not sure.

Best regards,
Frank


Am 17.04.2013 13:58, schrieb Vilagut Abad, Roger:
> Hello,
>
> In order to remotely change the authentication password of a user I do the following steps:
>
>
> 1.       Get the usmUsrSpinLock.0 and save in sValue
>
> 2.       I obtain the old key of the user whose password I want to change as follows:
> byte[] oldKey = snmp.getUSM().getUser(engineId, new OctetString(user)).getUsmUser().getAuthenticationPassphrase();
>
> 3.       Then I generate the new key as follows:
>
> byte[] newKey = SecurityProtocols.getInstance().passwordToKey(AuthMD5.ID, new OctetString(newPassword), engineId.toByteArray());
>
> 4.       Then I generate the key change value as follows:
>
> byte[] keyChange = new AuthMD5().changeDelta(oldKey, newKey, random.getBytes());
>
> 5.       And finally I do a SET to the usmUserTable:
>
> SET(usmUserSpinLock.0=sValue, usmUserAuthKeyChange=keyChange, usmUserPublic=random)
>
> When I read the usmUserTable MIB table after the SET I can see the random value in the usmUserPublic column, however when I do a request using the new password the agent responds that the password is not correct.
>
> Am I missing something in the password change procedure? I have tried to follow the procedure described in RFC 3414 (KeyChange).
>
> Best regards,
> Roger Vilagut Abad
>
> ________________________________
> Este correo electr?nico y, en su caso, cualquier fichero anexo al mismo, contiene informaci?n de car?cter confidencial exclusivamente dirigida a su destinatario o destinatarios. Si no es vd. el destinatario indicado, queda notificado que la lectura, utilizaci?n, divulgaci?n y/o copia sin autorizaci?n est? prohibida en virtud de la legislaci?n vigente. En el caso de haber recibido este correo electr?nico por error, se ruega notificar inmediatamente esta circunstancia mediante reenv?o a la direcci?n electr?nica del remitente.
> Evite imprimir este mensaje si no es estrictamente necesario.
>
> This email and any file attached to it (when applicable) contain(s) confidential information that is exclusively addressed to its recipient(s). If you are not the indicated recipient, you are informed that reading, using, disseminating and/or copying it without authorisation is forbidden in accordance with the legislation in effect. If you have received this email by mistake, please immediately notify the sender of the situation by resending it to their email address.
> Avoid printing this message if it is not absolutely necessary.
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/snmp4j

-- 
---
AGENT++
Maximilian-Kolbe-Str. 10
73257 Koengen, Germany
https://agentpp.com
Phone: +49 7024 8688230
Fax:   +49 7024 8688231

More information about the SNMP4J mailing list