× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

M4300 snmp-server user password formatting

nmaludy
Aspirant

M4300 snmp-server user password formatting

Hello,

I'm trying to setup a config on my laptop and import into my M4300 switches.

Currently struggling with the formatting / hashing / encryption process for generating SNMPv3 users:


(M4300) (Config) #snmp-server user "nmaludy" DefaultRead auth-sha512-key2bbe0c48b91a7d1b8a6753a8b9cbe1db16b84379f3f91fe115621284df7a48f1cd71e9beb90ea614c7bd924250aa9e446a866725e685a65df5d139a5cd180dc9 priv-aes128-key 2bbe0c48b91a7d1b8a6753a8b9cbe1db16b84379f3f91fe115621284df7a48f1cd71e9beb90ea614c7bd924250aa9e446a866725e685a65df5d139a5cd180dc9

 

I tried generating the hashes using both sha512sum and openssl like follows:

$ echo -n 'test123' | sha512sum
2bbe0c48b91a7d1b8a6753a8b9cbe1db16b84379f3f91fe115621284df7a48f1cd71e9beb90ea614c7bd924250aa9e446a866725e685a65df5d139a5cd180dc9

 

$ echo -n 'test123' | openssl sha512                                            
(stdin)= 2bbe0c48b91a7d1b8a6753a8b9cbe1db16b84379f3f91fe115621284df7a48f1cd71e9beb90ea614c7bd924250aa9e446a866725e685a65df5d139a5cd180dc9


When i try setting this in the switch config, SNMP reports auth failure:

$ snmpwalk -v3 -l authPriv -u nmaludy -a SHA-512 -A 'test1234' -x AES -X 'test1234' 10.0.0.1
snmpwalk: Authentication failure (incorrect password, community or key)

 

Another interesting point is that if i omit the keys and have the switch prompt me for the passwords, i get hashes that do not match sha512sum or openssl:

 

(M4300) (Config)#snmp-server user "nmaludy" DefaultRead auth-sha512 priv-aes128

Enter Authentication Password:********

Confirm Authentication Password:********

Enter Encryption Password:********

Confirm Encryption Password:********

 

(M4300) (Config)#show running-config | include snmp-server      

snmp-server user "nmaludy" DefaultRead auth-sha512-key 44bf2c4cfc6d6d0a8fee7e858304600397151dbbaf859857a091bbb9
b74eaf5f0e242ad37cd22d0eed6d4edfaf6dafd052d71e500e2c38ead0ce2a3363cb7c37 priv-aes128-key 44bf2c4cfc6d6d0a8fee7e
858304600397151dbbaf859857a091bbb9b74eaf5f0e242ad37cd22d0eed6d4edfaf6dafd052d71e500e2c38ead0ce2a3363cb7c37

 

What is the proper way to generate the hashes / passwords for the "snmp-server user" command?

 

Thanks,

Nick

Message 1 of 1
Top Contributors
Discussion stats
  • 0 replies
  • 592 views
  • 0 kudos
  • 1 in conversation
Announcements