在Mac OS X上启用SNMP


1

我试图在Mac OS X 10.8.5上使用一个只有一个就绪用户启用SNMP版本3,以便我可以远程监控计算机的运行状况。当我尝试本地时snmpwalk,会返回此消息:

No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)

以下是我为达到这一点而执行的确切步骤。我错过了什么?仅供参考,我使用的用户名为rouser,密码为12345678

sudo snmpconf -i

/usr/share/snmp/snmpd.conf使用权限创建-rw-r--r-- 1 root staff 484 Sep 25 14:44 snmpd.conf并包含:

# snmpd.conf
#   - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
#   This section defines who is allowed to talk to your running
#   snmp agent.

# rouser: a SNMPv3 read-only user
#   arguments:  user [noauth|auth|priv] [restriction_oid]
rouser  rouser priv

创建用户:

sudo net-snmp-config --create-snmpv3-user -ro -a 12345678 -x 12345678 -X AES -A SHA rouser

/var/db/net-snmp/snmpd.conf使用权限创建-rw-r--r-- 1 root wheel 46 Sep 25 14:44 snmpd.conf并包含:

createUser rouser SHA "12345678" AES 12345678

该命令也更新/usr/share/snmp/snmpd.conf到此(最后一行添加):

# snmpd.conf
#   - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
#   This section defines who is allowed to talk to your running
#   snmp agent.

# rouser: a SNMPv3 read-only user
#   arguments:  user [noauth|auth|priv] [restriction_oid]

rouser  rouser priv
rouser rouser

启用S​​NMP:

sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

该命令更改了/var/db/net-snmp/snmpd.confto 的权限-rw------- 1 root wheel 1420 Sep 25 15:04 snmpd.conf并将其内容更改为:

#
# net-snmp (or ucd-snmp) persistent data file.
#
############################################################################
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
#
#          **** DO NOT EDIT THIS FILE ****
#
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
############################################################################
#
# DO NOT STORE CONFIGURATION ENTRIES HERE.
# Please save normal configuration tokens for snmpd in SNMPCONFPATH/snmpd.conf.
# Only "createUser" tokens should be placed here by snmpd administrators.
# (Did I mention: do not edit this file?)
#


usmUser 1 3 0x80001f888098ad4f304567245400000000 "rouser" "rouser" NULL .1.3.6.1.6.3.10.1.1.3 0x22051a77e41dc526caebc92dc387257482bcd$
setserialno 1673336648

##############################################################
#
# snmpNotifyFilterTable persistent data
#
##############################################################


##############################################################
#
# ifXTable persistent data
#
ifXTable .1 14:0 18:0x $
ifXTable .2 14:0 18:0x $
ifXTable .3 14:0 18:0x $
ifXTable .4 14:0 18:0x $
ifXTable .5 14:0 18:0x $
ifXTable .6 14:0 18:0x $
ifXTable .7 14:0 18:0x $
ifXTable .8 14:0 18:0x $
##############################################################

engineBoots 1
oldEngineID 0x80001f888098ad4f304567245400000000

尝试在本地查询系统:

snmpwalk -v 3 -u rouser -l authPriv -a MD5 -A 12345678 -x DES -X 12345678 localhost .1

返回:

No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)

/var/log/snmpd.log:

/etc/snmp/snmpd.conf: line 61: Error: example config COMMUNITY not properly configured
/etc/snmp/snmpd.conf: line 62: Error: example config NETWORK not properly configured
net-snmp: 2 error(s) in config file(s)
NET-SNMP version 5.6
Authentication failed for rouser
Authentication failed for rouser

在此期间禁用SNMP

sudo launchctl unload -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

有什么想法吗?谢谢!

Answers:


1

首先,从snmpd.conf中删除重复的rouser行,只留下“rouser rouser priv”行。

其次,请注意您使用AES创建了您的用户:

sudo net-snmp-config --create-snmpv3-user -ro -a 12345678 -x 12345678 -X AES -A SHA rouser

但是正在尝试使用DES:

snmpwalk -v 3 -u rouser -l authPriv -a MD5 -A 12345678 -x DES -X 12345678 localhost .1

这不会起作用。Swtich -x AES在snmpwalk中,它有更好的机会。;-)

By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.