Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SNMP_USM(3)		 BSD Library Functions Manual		   SNMP_USM(3)

NAME
     snmp_usm -- user-based security module for	bsnmpd(1)

LIBRARY
     (begemotSnmpdModulePath."usm" = /usr/lib/snmp_usm.so)

DESCRIPTION
     The snmp_usm module implements SNMPv3 User-Based Security Model MIB as
     defined in	RFC 3414.  The module is used to manage	the internal list of
     SNMPv3 USM	active users in	bsnmpd.	 The module must be loaded for bsnmpd
     to	receive	and process SNMPv3 USM PDUs correctly.

IMPLEMENTATION NOTES
     A short description of the	objects	in the MIB follows.

     usmStats	The subtree contains statistics	for the	User-based Security
		Model PDU processing.  The statistics are reset	each time the
		module is loaded.

     usmUserSpinLock
		An advisory lock used to coordinate several Command Generator
		Applications when altering the SNMP USM	users.

     usmUserTable
		The table contains all SNMP USM	users configured in bsnmpd.
		The table contains the following objects

		usmUserEngineID	 An SNMP engine's administratively-unique
				 identifier. Must be set to the	same Engine ID
				 as bsnmpd so that the user will actually be
				 allowed to communicate	with the daemon.  The
				 column	is used	as entry key and is not	acces-
				 sible for GET or SET operations.

		usmUserName	 The USM user name. The	second entry key,
				 again not accessible for GET or SET opera-
				 tions.

		usmUserSecurityName
				 The column has	the exact same value as	the
				 usmUserName column, however is	accessible for
				 GET operations.

		usmUserCloneFrom
				 A GET on this column will return an empty
				 OID. SET operations are currently not sup-
				 ported.

		usmUserAuthProtocol
				 The value of this column contains the OID
				 corresponding to the authentication protocol
				 used by the USM user. The following protocols
				 and their OIDs	are known to snmp_usm module

				 NoAuthProtocol	1.3.6.1.6.3.10.1.1.1

				 HMACMD5AuthProtocol 1.3.6.1.6.3.10.1.1.2

				 HMACSHAAuthProtocol 1.3.6.1.6.3.10.1.1.3

		usmUserAuthKeyChange, usmUserOwnAuthKeyChange
				 These columns may be used to change the
				 user's	authentication key.

		usmUserPrivProtocol
				 The value of this column contains the OID
				 corresponding to the privacy protocol used by
				 the USM user. The following protocols and
				 their OIDs are	known to snmp_usm module

				 NoPrivProtocol	1.3.6.1.6.3.10.1.2.1

				 DESPrivProtoco	1.3.6.1.6.3.10.1.2.2

				 AesCfb128Protocol 1.3.6.1.6.3.10.1.2.4

		usmUserPrivKeyChange, usmUserOwnPrivKeyChange
				 These columns may be used to change the
				 user's	privacy	key.

		usmUserPublic	 An arbitrary octet string that	may be modi-
				 fied to confirm a SET operation on any	of the
				 columns was successful.

		usmUserStorageType
				 This column always has	either of two values.
				 Entries created via bsnmpd's configuration
				 file always have this column set to readOnly
				 (5) and it is not possible to modify those
				 entries. Entries created by Command Generator
				 Applications always have this column set to
				 volatile(2) and such entries are lost when
				 the module is restarted. A SET	operation on
				 this column is	not allowed.

		usmUserStatus	 This column is	used to	create new USM user
				 entries or delete existing ones from the ta-
				 ble.

FILES
     /usr/share/snmp/defs/usm_tree.def
		The description	of the MIB tree	implemented by snmp_usm.

SEE ALSO
     bsnmpd(1),	gensnmptree(1),	snmpmod(3)

STANDARDS
     IETF RFC 3414

AUTHORS
     Shteryana Shopova <syrinx@FreeBSD.org>

BSD			       September 9, 2010			   BSD

NAME | LIBRARY | DESCRIPTION | IMPLEMENTATION NOTES | FILES | SEE ALSO | STANDARDS | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=snmp_usm&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help