我试图在Mac OS X 10.8.5上使用一个只有一个就绪用户启用SNMP版本3,以便我可以远程监控计算机的运行状况。当我尝试本地时snmpwalk
,会返回此消息:
No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)
以下是我为达到这一点而执行的确切步骤。我错过了什么?仅供参考,我使用的用户名为rouser,密码为12345678
sudo snmpconf -i
/usr/share/snmp/snmpd.conf
使用权限创建-rw-r--r-- 1 root staff 484 Sep 25 14:44 snmpd.conf
并包含:
# snmpd.conf
# - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rouser: a SNMPv3 read-only user
# arguments: user [noauth|auth|priv] [restriction_oid]
rouser rouser priv
创建用户:
sudo net-snmp-config --create-snmpv3-user -ro -a 12345678 -x 12345678 -X AES -A SHA rouser
/var/db/net-snmp/snmpd.conf
使用权限创建-rw-r--r-- 1 root wheel 46 Sep 25 14:44 snmpd.conf
并包含:
createUser rouser SHA "12345678" AES 12345678
该命令也更新/usr/share/snmp/snmpd.conf
到此(最后一行添加):
# snmpd.conf
# - created by the snmpconf configuration program
#
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rouser: a SNMPv3 read-only user
# arguments: user [noauth|auth|priv] [restriction_oid]
rouser rouser priv
rouser rouser
启用SNMP:
sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
该命令更改了/var/db/net-snmp/snmpd.conf
to 的权限-rw------- 1 root wheel 1420 Sep 25 15:04 snmpd.conf
并将其内容更改为:
#
# net-snmp (or ucd-snmp) persistent data file.
#
############################################################################
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
#
# **** DO NOT EDIT THIS FILE ****
#
# STOP STOP STOP STOP STOP STOP STOP STOP STOP
############################################################################
#
# DO NOT STORE CONFIGURATION ENTRIES HERE.
# Please save normal configuration tokens for snmpd in SNMPCONFPATH/snmpd.conf.
# Only "createUser" tokens should be placed here by snmpd administrators.
# (Did I mention: do not edit this file?)
#
usmUser 1 3 0x80001f888098ad4f304567245400000000 "rouser" "rouser" NULL .1.3.6.1.6.3.10.1.1.3 0x22051a77e41dc526caebc92dc387257482bcd$
setserialno 1673336648
##############################################################
#
# snmpNotifyFilterTable persistent data
#
##############################################################
##############################################################
#
# ifXTable persistent data
#
ifXTable .1 14:0 18:0x $
ifXTable .2 14:0 18:0x $
ifXTable .3 14:0 18:0x $
ifXTable .4 14:0 18:0x $
ifXTable .5 14:0 18:0x $
ifXTable .6 14:0 18:0x $
ifXTable .7 14:0 18:0x $
ifXTable .8 14:0 18:0x $
##############################################################
engineBoots 1
oldEngineID 0x80001f888098ad4f304567245400000000
尝试在本地查询系统:
snmpwalk -v 3 -u rouser -l authPriv -a MD5 -A 12345678 -x DES -X 12345678 localhost .1
返回:
No log handling enabled - using stderr logging
snmpwalk: Authentication failure (incorrect password, community or key)
/var/log/snmpd.log:
/etc/snmp/snmpd.conf: line 61: Error: example config COMMUNITY not properly configured
/etc/snmp/snmpd.conf: line 62: Error: example config NETWORK not properly configured
net-snmp: 2 error(s) in config file(s)
NET-SNMP version 5.6
Authentication failed for rouser
Authentication failed for rouser
在此期间禁用SNMP
sudo launchctl unload -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist
有什么想法吗?谢谢!