Question :1. What command shows what SNMP Protocol version(s) [1, 2c, 3] I am running on my system?
2. How do change the SNMP version in use?
Answer :
There is no command to show the current running SNMP version. The snmpd daemon will not show as running in any one particular version, as it has the ability to do any of the three at any time. The configuration in the snmpd.conf file (/etc/sma/snmp/snmpd.conf) will indicate which versions allowed.
– By default the rocommunity and rwcommuntiy lines set in the snmpd.conf will allow SNMP V1 and V2 access.
– A snmpd.conf with no rocommunity and rwcommuntiy lines would only support a SNMPV3 query.
V1 and V2 requests would be ignored.
– For SNMPV3 queries to work the required options, the user,
passphrase, authentication/encryption method all have to be configured. there is no “public” like query capability with SNMPV3.
– A snmpd.conf with no rocommunity and rwcommuntiy lines would only support a SNMPV3 query.
V1 and V2 requests would be ignored.
– For SNMPV3 queries to work the required options, the user,
passphrase, authentication/encryption method all have to be configured. there is no “public” like query capability with SNMPV3.
Example of an snmpd.conf file configured for v1 and v2c :
... # rocommunity: a SNMPv1/SNMPv2c read-only access community name # arguments: community [default|hostname|network/bits] [oid] rocommunity public ... # rwcommunity: a SNMPv1/SNMPv2c read-write access community name # arguments: community [default|hostname|network/bits] [oid] # # The following entry provides minimum access for successful # SEA subagent registration. # rwcommunity private localhost .1.3.6.1.4.1.42.2.15 ...
Example of an snmpd.conf file configured for ONLY v3 access :
... # SECTION: Access Control Setup # # This section defines who is allowed to talk to your running # snmp agent. # rwuser: a SNMPv3 read-write user # arguments: user [noauth|auth|priv] [restriction_oid] rwuser geekuser # rouser: a SNMPv3 read-only user # arguments: user [noauth|auth|priv] [restriction_oid] rouser geekuser ...
where “geekuser” is the only user allowed in this example.