Fatal编程技术网
  • snmp/
  • 如何在网络snmp 5.8上配置带有USM身份验证和隐私的SNMPv3以避免;安全服务3解析ScopedPDU时出错;?

如何在网络snmp 5.8上配置带有USM身份验证和隐私的SNMPv3以避免;安全服务3解析ScopedPDU时出错;?

snmp

如何在网络snmp 5.8上配置带有USM身份验证和隐私的SNMPv3以避免;安全服务3解析ScopedPDU时出错;?,snmp,net-snmp,Snmp,Net Snmp,我在CentOS7上安装了一个运行正常的net snmp v5.7,现在我正尝试在CentOS8上运行的net snmp v5.8上进行同样的安装 我已将/etc/snmp/snmpd.conf配置如下: syslocation Somewhere syscontact postmaster@example.com dontLogTCPWrappersConnects yes agentaddress udp:161,udp6:161 includeAllDisks 10% engineI

我在CentOS7上安装了一个运行正常的net snmp v5.7,现在我正尝试在CentOS8上运行的net snmp v5.8上进行同样的安装

我已将/etc/snmp/snmpd.conf配置如下:

syslocation Somewhere
syscontact postmaster@example.com

dontLogTCPWrappersConnects yes
agentaddress udp:161,udp6:161

includeAllDisks 10%

engineID host.example.com
rouser -s usm user1
rouser -s usm user2

defversion  3
defsecurityname  user1
defsecuritylevel  authPriv
defauthtype  SHA256
defauthpassphrase  password
defprivtype  AES256
defprivpassphrase  password

[root@host ~]# snmpwalk host.example.com
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
snmpwalk: Timeout (error parsing PDU)
用户是在/var/lib/net snmp/snmpd.conf中创建的,如下所示,重新启动会按预期转换这些用户:

createUser "user1" "SHA256" "password" "AES256" "password"
createUser "user2" "SHA256" "password" "AES256" "password"
在同一台机器上,snmpwalk在/etc/snmp/snmp.conf中配置如下:

syslocation Somewhere
syscontact postmaster@example.com

dontLogTCPWrappersConnects yes
agentaddress udp:161,udp6:161

includeAllDisks 10%

engineID host.example.com
rouser -s usm user1
rouser -s usm user2

defversion  3
defsecurityname  user1
defsecuritylevel  authPriv
defauthtype  SHA256
defauthpassphrase  password
defprivtype  AES256
defprivpassphrase  password

[root@host ~]# snmpwalk host.example.com
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
snmpwalk: Timeout (error parsing PDU)
尝试运行snmpwalk(将上述参数添加到snmp.conf)失败,如下所示:

syslocation Somewhere
syscontact postmaster@example.com

dontLogTCPWrappersConnects yes
agentaddress udp:161,udp6:161

includeAllDisks 10%

engineID host.example.com
rouser -s usm user1
rouser -s usm user2

defversion  3
defsecurityname  user1
defsecuritylevel  authPriv
defauthtype  SHA256
defauthpassphrase  password
defprivtype  AES256
defprivpassphrase  password

[root@host ~]# snmpwalk host.example.com
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
security service 3 error parsing ScopedPDU
snmpwalk: Timeout (error parsing PDU)
使用SHA和AES代替SHA256和AES256具有相同的效果

有人能证实上面的错误吗?

我在运行5.8的Ubuntu 20.04上遇到了同样的问题,最终改用了certs(SNMP3+DTLS),并修复了使其无法工作的bug。Net snmpd 5.9.1已经修复了。我在运行5.8的Ubuntu 20.04上遇到了同样的问题,最终改为使用证书(SNMP3+DTLS),并修复了使其无法工作的错误。Net snmpd 5.9.1有修复程序。