encode_keychange - produce the KeyChange string for SNMPv3
encode_keychange -t md5|sha1 [OPTIONS]
encode_keychange(1) Net-SNMP encode_keychange(1)
NAME
encode_keychange - produce the KeyChange string for SNMPv3
SYNOPSIS
encode_keychange -t md5|sha1 [OPTIONS]
DESCRIPTION
encode_keychange produces a KeyChange string using the old and new
passphrases as described in Section 5 of RFC 2274 "User-based Security
Model (USM) for version 3 of the Simple Network Management Protocol
(SNMPv3)". -t option is mandatory and specifies the hash transform type
to use.
The transform is used to convert passphrase to master key for a given
user (Ku), convert master key to the localized key (Kul), and to hash
the old Kul with the random bits.
Passphrases are obtained by examining a number of sources until success
(in order listed):
command line options (see -N and -O options below);
the file $HOME/.snmp/passphrase.ek which should only contain two
lines with old and new passphrase;
standard input -or- user input from the terminal.
OPTIONS
-E [0x]<engineID> EngineID used for Kul generation.
<engineID> is intepreted as a hex string when preceded by 0x,
otherwise it is treated as a text string. If no <engineID> is
specified, it is constructed from the first IP address for the
local host.
-f Force passphrases to be read from standard input.
-h Display the help message.
-N "<new_passphrase>"
Passphrase used to generate the new Ku.
-O "<old_passphrase>"
Passphrase used to generate the old Ku.
-P Turn off the prompt for passphrases when getting data from stan-
dard input.
-v Be verbose.
-V Echo passphrases to terminal.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
+---------------+---------------------------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+---------------------------------+
|Availability | system/management/snmp/net-snmp |
+---------------+---------------------------------+
|Stability | Volatile |
+---------------+---------------------------------+
SEE ALSO
The localized key method is defined in RFC 2274, Sections 2.6 and A.2,
and originally documented in
U. Blumenthal, N. C. Hien, B. Wijnen, "Key Derivation for Net-
work Management Applications", IEEE Network Magazine, April/May
issue, 1997.
NOTES
Source code for open source software components in Oracle Solaris can
be found at https://www.oracle.com/downloads/opensource/solaris-source-
code-downloads.html.
This software was built from source available at
https://github.com/oracle/solaris-userland. The original community
source was downloaded from https://sourceforge.net/projects/net-
snmp/files/net-snmp/5.8/net-snmp-5.8.tar.gz.
Further information about this software can be found on the open source
community website at http://www.net-snmp.org/.
V5.8 16 Nov 2006 encode_keychange(1)