Before you run the SNMPv3 manager examples, you require some information about how SNMPv3 user-based model (USM) security is configured. Below is a brief description of the SNMPv3 security mechanism that provides you with the information you need to run the SNMPv3 examples in this chapter. Full descriptions of the SNMPv3 security mechanisms are given in 19.3 SNMPv3 User-Based Security Model.
An SNMPv3 manager requires a security file, in the same way as an SNMPv3 agent does. The jdmk.security file for an SNMPv3 manager differs slightly from that of an SNMPv3 agent, as shown in the following example.
# User and security configuration userEntry=0x8000002a05819dcb6e00001f95,defaultUser,, usmHMACMD5AuthProtocol,mypasswd userEntry=0x8000002a05819dcb6e00001f96,defaultUser,, usmHMACMD5AuthProtocol,mypasswd # Number of boots localEngineBoots=5 # Local engine ID localEngineID=0x8000002a05000000ec4c49ded9
In a manager's security file, there is more emphasis on the engine ID than in an agent's security file. The userEntry provides all the security information the manager needs to communicate with a particular authoritative agent, as follows:
This is the engine ID of the agent with which the manager will communicate
The authorized user for that agent
The authentication algorithm; in this case, HMAC MD5
The privacy password
In this example, the information in the userEntry corresponds to the security information provided in the AgentV3 example's jdmk.security file, in Example 16–3. Therefore, this manager can communicate with that agent.
The remaining information pertains to the manager itself:
Sets how many times the local engine will boot
Represents the ID of the engine associated to the SNMP session in which the manager is running