Hi Kevin, Please refer to RFC2574 for details of password to key algorithm.
Regards, Wojciech 2017-06-20 16:46 GMT+02:00 kevin gannon <ke...@gannons.net>: > We are using Ansible to push configurations and also check the > configuration in ansible versus what is on the box. > > The checking leads to an annoying problem. For auth keys using $9 style > passwords we can generate them in advance in the Ansible scripts and deploy > them as keys rather than passwords. What this means is when the check is > run an Ansible diff there is no mismatch. > > However SNMPv3 somehow uses the SNMP engine-id as part of the hashing. But > I cant figure out the logic to it. I know I could just ignore it but it is > bothering me :-(. > > Take the sample below > > set snmp v3 usm remote-engine 0000000000 user 00000000 authentication-md5 > authentication-password 00000000 > > Produces: > > $9$tvU80ORlKMXxdMWUjq.zF/CtpRhvWLxdbLXk.P5F3hSyeLxVwYgJGhSvLxNY25QzFnC > 0BIyrv1IdbwYoaApu0EcevWN-wO1NdVwaJn/9ABIEhr8LNcSMX-dsYP5T3ApO1RyevB17- > Vboa69Cp1RSyKL7-vMX-bwg4JGDkqf5QF9tu3n9pu0IRSreKLx > > > If you decrypt the $9$ you get the below > > b6c75cc8798750649aee2d4e444944ee3d35af1f3172432a52c47c2bc047b0c0 > > It does look like 2 x MD5 hashes but there is an extra character so am at a > loss. > > Any help much appreciated. > > Thanks and regards > Kevin > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp