Many thanks. On Wed, 21 Jun 2017 at 10:05, Wojciech Janiszewski < wojciech.janiszew...@gmail.com> wrote:
> Hi Kevin, > > Please refer to RFC2574 for details of password to key algorithm. > > Regards, > Wojciech > > 2017-06-20 16:46 GMT+02:00 kevin gannon <ke...@gannons.net>: > >> We are using Ansible to push configurations and also check the >> configuration in ansible versus what is on the box. >> >> The checking leads to an annoying problem. For auth keys using $9 style >> passwords we can generate them in advance in the Ansible scripts and >> deploy >> them as keys rather than passwords. What this means is when the check is >> run an Ansible diff there is no mismatch. >> >> However SNMPv3 somehow uses the SNMP engine-id as part of the hashing. But >> I cant figure out the logic to it. I know I could just ignore it but it is >> bothering me :-(. >> >> Take the sample below >> >> set snmp v3 usm remote-engine 0000000000 user 00000000 authentication-md5 >> authentication-password 00000000 >> >> Produces: >> >> >> $9$tvU80ORlKMXxdMWUjq.zF/CtpRhvWLxdbLXk.P5F3hSyeLxVwYgJGhSvLxNY25QzFnC0BIyrv1IdbwYoaApu0EcevWN-wO1NdVwaJn/9ABIEhr8LNcSMX-dsYP5T3ApO1RyevB17-Vboa69Cp1RSyKL7-vMX-bwg4JGDkqf5QF9tu3n9pu0IRSreKLx >> >> >> If you decrypt the $9$ you get the below >> >> b6c75cc8798750649aee2d4e444944ee3d35af1f3172432a52c47c2bc047b0c0 >> >> It does look like 2 x MD5 hashes but there is an extra character so am at >> a >> loss. >> >> Any help much appreciated. >> >> Thanks and regards >> Kevin >> > _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp