To Enable SNMP Encryption for Server Installations

1. Check whether the package is installed.

   • (For systems running Solaris 9 or earlier) Make sure the SUNWcry package, which contains the /usr/lib/libcrypt_d.so encryption library, is installed on the system by typing:

     % pkginfo | grep SUNWcry

     If the package is installed, the system shows:

     application SUNWcry

     ---

     Note –

     The SUNWcry package is part of the Solaris Encryption Kit. To obtain the Solaris Encryption Kit, see your Sun sales representative. For important information about administering secure systems, see your Solaris system administration documentation.

     ---

   • (For systems running Solaris 10) Make sure the SUNWcsl package, which contains the /usr/lib/libpkcs11.so encryption library, is installed on the system by typing:

     % pkginfo | grep SUNWcsl

     If the package is installed, the system shows:

     application SUNWcsl

   • (For systems running Linux) Make sure you provide the PKCS11_API.so encryption library in /usr/lib/pkcs11 and enable the pkcs_slot daemon.

2. Type the following command as superuser from the server host:

   # es-config -r

   The system detects the presence of the appropriate package and automatically stops all Sun Management Center components. The script then asks for the security seed.

3. Type the security seed.

   The script asks for the SNMPv1 community string.

4. When asked whether you want to initiate encrypted communication, type y to initiate encrypted communication or n to decline.

5. When asked whether you want to enable the auto-negotiate feature, type y to enable or n to decline.

   For details on the auto-negotiate feature, see Auto-Negotiate Feature.