SNMP v3 与 NET::SNMP 工作,但 snmpwalk/snmpget 不工作?
我有以下(工作)perl 脚本:
use Net::SNMP;
# create session to the host
my ($session, $error) = Net::SNMP->session(
-hostname => $hostname,
-version => 'snmpv3',
-username => 'my_user_name',
-authkey => 'my_authkey',#actually, here stands the real authkey as configured on the switch
-privkey => 'my_privkey',#same as on switch
-authprotocol => 'sha',
-privProtocol => 'des'
);
if (!defined($session)) {
print $error . "\n";
last;
}
# retrieve a table from the remote agent
my $result = $session->get_table(
-baseoid => $MAC_OID
);
if (!defined($result)) {
print $session->error . "\n";
$session->close;
last;
}
#print out the result of the snmp query
#....
现在我想使用带有相同键的 snmpwalk 或 snmpget 。为此,我在主目录的 .snmp 中创建了一个 snmp.conf 文件,其中包含以下内容:
defSecurityName my_user_name
defContext ""
defAuthType SHA
defSecurityLevel authPriv
defAuthPassphrase my_auth_key here
defVersion 3
defPrivPassphrase my_privkey here
defPrivType DES
正如我所见,我在脚本和 snmpget 中使用相同的凭据。为什么我会收到snmpget:身份验证失败(密码、社区或密钥不正确)?
I have the following (working) perl script:
use Net::SNMP;
# create session to the host
my ($session, $error) = Net::SNMP->session(
-hostname => $hostname,
-version => 'snmpv3',
-username => 'my_user_name',
-authkey => 'my_authkey',#actually, here stands the real authkey as configured on the switch
-privkey => 'my_privkey',#same as on switch
-authprotocol => 'sha',
-privProtocol => 'des'
);
if (!defined($session)) {
print $error . "\n";
last;
}
# retrieve a table from the remote agent
my $result = $session->get_table(
-baseoid => $MAC_OID
);
if (!defined($result)) {
print $session->error . "\n";
$session->close;
last;
}
#print out the result of the snmp query
#....
Now I wanted to use snmpwalk or snmpget with the same keys. For that, I created a snmp.conf file in .snmp of my home directory with the following content:
defSecurityName my_user_name
defContext ""
defAuthType SHA
defSecurityLevel authPriv
defAuthPassphrase my_auth_key here
defVersion 3
defPrivPassphrase my_privkey here
defPrivType DES
As I see it, I use the same credentials in the script and for snmpget. Why do I get snmpget: Authentication failure (incorrect password, community or key) ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这取决于您使用的 snmpget 和 snmpset 的版本。当我针对基于 C# 的 SNMP 代理 https://sharpsnmp.com 测试旧版本的 net-snmp 时,我注意到对于 SHA 身份验证模式 + DES 隐私模式,一个错误阻止 net-snmp 命令行工具生成正确的消息字节(加密是错误的,因此没有代理可以解密它)。
我的建议是您尝试使用 Net::SNMP,正如您发现的那样,它不受相同错误的影响。
That depends on the version of snmpget and snmpset you use. When I tested an older version of net-snmp against my C# based SNMP agent https://sharpsnmp.com I noticed that for SHA authen mode + DES privacy mode a bug prevented the net-snmp command line tools from generating the correct message bytes (the encryption is wrong so that no agent can decrypt it).
My suggestion is that you try to use Net::SNMP instead, as like you found out, it is not affected by the same bug.
您的问题是您正在使用 Net::SNMP 的身份验证密钥和命令行 net-snmp 工具的密码。根据您的 Net::SNMP 使用情况,您实际上正在使用“本地化”密钥。这意味着 snmp.conf 文件的正确标记是:
请参阅 snmp.conf 手册页以获取更多详细信息。
Your problem is that you're using an authentication key for Net::SNMP and a password for the command-line net-snmp tools. Based on your Net::SNMP usage you're actually using 'localized' keys. Which means the right tokens for your snmp.conf file are:
See the snmp.conf manual page for further details.