So now I understand that net-snmp stores persistent data regarding engines and credentials in some numerical hex representation as usmUser records. These files seems to be created when the snmptrapd service is shutdown.
I figured this out when I changed the password on the server (snmptrapd) only and found that the inbound traps were still being accepted. So here is my actual question. How do I cause the usmUser records to be 'flushed' or updated with the createUser and authUser directives from my actual /etc/snmp/snmptrapd.conf when I change them? I expect to change them in that file and restart the service for the changes to take effect? Am I meant to shutdown the service and manually delete the persistent data files in /var/lib/net-snmp ? Does a command line option exists to do this for me? Thanks Dave On Mon, May 13, 2019 at 3:25 PM Dave C <dave....@gmail.com> wrote: > Sorry typo the error reads. > > May 13 11:52:16 WIK5 snmptrapd[22267]: Authentication failed for ZDART > > On Mon, May 13, 2019 at 2:21 PM Dave C <dave....@gmail.com> wrote: > >> Please help - going crazy. >> >> I have a server and a remote agent. The agent is generating v3 traps that >> are delivered back to the server. For a long while I had used some random >> credentials (that worked), now I when I change them I get "Authentication >> failed" in snmptrapd service. >> >> my client snmpd.conf >> trapsess -v3 -e 0x000db93a2f84 -u UDART -l authPriv -a SHA -A >> "aZdkhBVhRLl9IybmpLG2zmpGFe9tyM" -x AES -X "4kk1YP7j6dpdEyCwveuEjocOHSHYWm" >> 172.19.10.26 >> #trapsess -v3 -e 0x000db93a2f84 -u ZDART -l authPriv -a SHA -A >> "aZzzzBVhRLl9IybmpLG2zmpGFe9tyM" -x AES -X "4zzzYP7j6dpdEyCwveuEjocOHSHYWm" >> 172.19.10.26 >> >> >> my server snmptrapd.conf >> createUser -e 0x000db93a2f84 UDART SHA "aZdkhBVhRLl9IybmpLG2zmpGFe9tyM" >> AES "4kk1YP7j6dpdEyCwveuEjocOHSHYWm" >> authUser log,execute,net UDART >> #createUser -e 0x000db93a2f84 ZDART SHA >> "aZzzzBVhRLl9IybmpLG2zmpGFe9tyM" AES "4zzzYP7j6dpdEyCwveuEjocOHSHYWm" >> #authUser log,execute,net ZDART >> >> With the UDART lines everything works. >> With the ZDART lines uncommented and the UDART ones commented and after >> restarting both services I get... >> >> May 13 11:52:16 WIK5 snmptrapd[22267]: Authentication failed for WARTCO >> >> If I revert the lines back and restart everything is good again. >> >> Any idea what I am doing wrong. It seems like it must be fairly obvious >> but I can just not see it. >> >> >> Thanks >> >> Dave >> >
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
