User Security Model Configuration
378
G8264 Command Reference for ENOS 8.4
You can make use of a defined set of user identities using this Security Model. An
SNMP engine must have the knowledge of applicable attributes of a user.
These commands help you create a user security model entry for an authorized
user. You need to provide a security name to create the USM entry.
Table 159.
User Security Model Configuration Options
Command Syntax and Usage
snmpserver user <1‐17> authenticationprotocol
{md5|sha|none} authenticationpassword
This command allows you to configure the authentication protocol and
password.
The authentication protocol can be HMAC‐MD5‐96 or HMAC‐SHA‐96 for
compatibility mode, HMAC‐SHA‐96 for security strict mode or none.
The default algorithm is none.
MD5 authentication protocol is not available in security strict mode if you do
not select SNMPv3 account backward compatibility.
When you configure an authentication algorithm, you must provide a
password, otherwise you will get an error message during validation. This
command allows you to create or change your password for authentication.
Command mode: Global configuration
snmpserver user <1‐17> name <1‐32 characters>
This command allows you to configure a string that represents the name of the
user. This is the login name that you need in order to access the switch.
Command mode: Global configuration
snmpserver user <1‐17> privacyprotocol {des|aes|none}
privacypassword
This command allows you to configure the type of privacy protocol and the
privacy password.
The privacy protocol protects messages from disclosure. The options are:
des (CBC‐DES Symmetric Encryption Protocol)
aes (AES‐128 Advanced Encryption Standard Protocol)
none
If you specify des as the privacy protocol, then make sure that you have
selected one of the authentication protocols (MD5 or HMAC‐SHA‐96). In
security strict mode, if you do not select SNMPv3 account backward
compatibility, only des privacy protocol is supported.
If you specify aes as the privacy protocol, make sure that you have selected
HMAC‐SHA‐96 authentication protocol.
If you select none as the authentication protocol, you will get an error
message.
You can create or change the privacy password.
Command mode: Global configuration