Configure SNMPv3 on Ubuntu14.04

Source: Internet
Author: User
Tags snmp http snmpv3
Simple Network Management Protocol (SNMP) is a standard protocol used to manage IP network devices. Typical SNMP-enabled devices include routers, switches, servers, workstations, printers, and data cabinets. SNMP is generally used by the network management system to monitor additional network devices according to the conditions set by the Administrator. SNMP is an integral part of the Internet Protocol Suite, which is defined by IETF institutions. It contains a series of network management standards, including an application layer protocol, a database architecture, and a set of data objects. SNMP expands management data in the form of Variables

Simple Network Management Protocol (SNMP) is a standard protocol used to manage IP network devices. Typical SNMP-enabled devices include routers, switches, servers, workstations, printers, and data cabinets. SNMP is generally used by the network management system to monitor additional network devices according to the conditions set by the Administrator. SNMP is an integral part of the Internet Protocol Suite, which is defined by IETF institutions. It contains a series of network management standards, including an application layer protocol, a database architecture, and a set of data objects.

SNMP displays management data in the form of variables, which describe the system configuration. These variables can also be used to manage application queries (or set ).

Why SNMPv3

Although the encryption feature added by SNMPv3 does not affect the protocol, the new text conventions, concepts, and terms make it look quite different.

Based on SNMP, SNMPv3 enhances security and remote configuration.

At first, the biggest drawback of SNMP was its weak security. In the first and second versions of SNMP, authentication only transfers a plaintext password between the Administrator and the proxy. Currently, each SNMPv3 information contains an octal encoded security parameter. The specific meaning of these security parameters is determined by the selected security model.

SNMPv3 provides important security features:

  • Confidentiality-encrypt data packets to prevent unauthorized source listening.

  • Integrity-the data integrity feature ensures that data is not disturbed during transmission and includes an optional data response protection mechanism.

  • Authentication-check whether the data comes from a valid source.

Install the SNMP server and client in Ubuntu 14.04

Open the terminal and run the following commands

  1. Sudo apt-get install snmpd snmp

After the installation is complete, make the following changes.

Configure SNMPv3

Obtain access permissions from external daemon

The default installation only provides local access permissions. To obtain external access permissions, open the file/etc/default/snmpd.

  1. Sudo vi/etc/default/snmpd

Change the following content

Set

  1. SNMPDOPTS = '-Lsd-Lf/dev/null-u snmp-g snmp-I-smux, mteTrigger, mteTriggerConf-p/var/run/snmpd. Pi'

Change

  1. SNMPDOPTS = '-Lsd-Lf/dev/null-u snmp-I-smux-p/var/run/snmpd. pid-c/etc/snmp/snmpd. conf'

Finally, restart snmpd.

  1. Sudo/etc/init. d/snmpd restart
Define SNMPv3 users, authentication and encryption parameters

The "securityLevel" parameter makes SNMPv3 available for a variety of purposes.

  • NoAuthNoPriv -- no authorization, encryption, and any security protection!

  • AuthNoPriv -- authentication is required, but data sent over the network is not encrypted.

  • AutoPriv-the most reliable mode. Authentication is required and data is encrypted.

The configurations and settings of snmpd are saved in the/etc/snmp/snmpd. conf file. Use the editor to edit the file:

  1. Sudo vi/etc/snmp/snmpd. conf

Add the following content at the end of the file:

  1. #
  2. CreateUser user1
  3. CreateUser user2 MD5 user2password
  4. CreateUser user3 MD5 user3password DES user3encryption
  5. #
  6. Rouser user1 noauth 1.3.6.1.2.1.1
  7. Rouser user2 auth 1.3.6.1.2.1
  8. Rwuser user3 priv 1.3.6.1.2.1

Note: If you need to use your username/password pair, note that the minimum length of the password and encryption phrase is 8 characters.

At the same time, you need to configure the following configuration so that snmp can listen to connection requests from any interface.

Set

  1. # AgentAddress udp: 161, udp6: [: 1]: 161

Change

  1. AgentAddress udp: 161, udp6: [: 1]: 161

Save the changed snmpd. conf file and restart the daemon:

  1. Sudo/etc/init. d/snmpd restart

SNMP http://www.linuxidc.com/Linux/2013-09/90263.htm for Zabbix

Network Dynamic Analysis http://www.linuxidc.com/Linux/2013-04/83514.htm Based on SNMP

SNMP Network Status Monitoring http://www.linuxidc.com/Linux/2013-04/83187.htm

Building SNMP test environment http://www.linuxidc.com/Linux/2013-02/79233.htm in CentOS 6.3

Linux (Ubuntu/CentOS) SNMP configuration http://www.linuxidc.com/Linux/2012-12/76837.htm

Enable and configure the SNMP service http://www.linuxidc.com/Linux/2013-01/78487.htm for Citrix Xenserver

For more information about Ubuntu, see Ubuntu special page http://www.linuxidc.com/topicnews.aspx? Tid = 2

This article permanently updates the link address: Http://www.linuxidc.com/Linux/2014-10/108511.htm

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.