In fact I have all I need to generate auth and priv keys.
1. On prov server side must be generated public and private DH keys
(openssl can do this)
2. Prov server public key must be passed in SnmpV3MgrPublicNumber to CM.
3. CM calculates own public key and sets it in
SNMP-USM-DH-OBJECTS-MIB::usmDHKickstartMyPublic
4. CM calcuatees shared secret, using own priv + pub and server's pub
5. At this step shared secret may be calculated on server side
6. Both CM and server now can calculate auth and priv using hash function,
shared secret and salt. See rfc2786 for details
As I understand, there is some apps which can calc auth and priv keys. I
have not hound free one, but it's easy to create it
вт, 26 мар. 2019 г. в 13:30, Вячеслав Баландин <slavokhi...@gmail.com>:
> Hi
>
> I need to configure snmpv3 on CM. I've added tlv34 in provisioning file:
> SnmpV3Kickstart
> {
> SnmpV3SecurityName "docsisManager";
> SnmpV3MgrPublicNumber 0x12345678;
> }
> CM receives auth/priv keys. Now I need to see my keys to send snmp
> requests to CM. Where can I get them? I have full access to CMTS and prov
> server, but I don't know where and what to look.
>
> To change CM keys with snmpusm I need to have v3 user with known auth/priv
> password and enough permissions. But there is no initial users on CM. And
> it's OS is not linux-like, so there is no snmp.conf to set initial user
> manually. I've read CableLabs docs, but I can't find an explanation how to
> get auth/priv keys on prov server/CMTS
>
> Best regards
> Viacheslav
>
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
