Enable v3, disable v1 and v2c
Need to use v3 only and disable v1 and v2c.
In /etc/snmp/snmpd.conf delete or comment the community names that are used for v1 and v2c (for example):
rocommunity public 127.0.0.1
Your default community names may not exactly be called “public”
Restart the snmpd daemon.
# /etc/init.d/snmpd restart
Verify that the SNMPv1 and SNMPv2c access is disabled using the snmpwalk utility:
# snmpwalk -v1 -c public localhost
Timeout: No Response from localhost
# snmpwalk -v2c -c public localhost
Timeout: No Response from localhostThen, to setup encryption (which, as far as I understand is the difference from v2c to v3) add following to snmpd.conf:
createUser authOnlyUser MD5 “secretPassword-1”
createUser authPrivUser SHA “secretPassword-2” DES
createUser internalUser MD5 “secretPassword-3”
Restart the snmpd daemon.
# /etc/init.d/snmpd restart
Test out via command line from client (IP address is for my server and OID):
snmpget -v 3 -u authPrivUser -l authPriv -a SHA -x DES -A secretPassword-2 -X secretPassword-2 192.168.13.79 .1.3.6.1.2.1.1.1.0
… and get back something to the effect of the following:
iso.3.6.1.2.1.1.1.0 = STRING: “Linux imxswitch 4.14.55-tlx.3b-armv7-x4 #8 SMP PREEMPT Wed Oct 24 11:42:35 EDT 2018 armv7l”
Also, I use MB-Soft’s MIB Browser. Configure information as follows based on the above command line which worked: