Hi Paban,

This means that your manager and your agent are not using the same
algorithm for short-key extension.  There are two different algorithms that
are in use to extend the output of a short hash function (like SHA) for use
with longer encryption keys (like AES192).

When you run into this situation, the best way to handle it is to use a
hash function that has a long enough output so that it does not need to be
extended in order to input to the encryption method.  Unsurprisingly, these
combinations are exactly the ones that work in your table.

Alternately, you can try the "other" extension mechanism, which net-snmp
identifies by appending a "C" to the encryption mechanism, e.g., AES192C or
AES256C.  I have no experience with this, I've only seen the code.

  Bill


On Wed, Jul 13, 2022 at 10:29 AM Paban Agarwalla <pabanagarwa...@gmail.com>
wrote:

> Hi,
>
> We are using snmpv3 on our device.
>
> when we configure v3 users. Some of the algorithm combinations failed.
>
> Please find the attached table.
>
> Regards
> Paban
> _______________________________________________
> Net-snmp-coders mailing list
> Net-snmp-coders@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
>
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to