pysnmp.sourceforge.net
HOME QUICK START DOCUMENTATION EXAMPLES DOWNLOAD
DEVELOPMENT | CONTACT |

Table of content

Network management «
PySNMP architecture
Standard SNMP Apps
Security configuration
Transport configuration
MIB variables
Other MIB Services

WARNING: you are reading historical documentation! Please, refer here.

Security configuration

Calls to oneliner Applications API require Security Parameters and Transport configuration objects as input parameters. These classes serve as convenience shortcuts to SNMP engine configuration facilities and for keeping persistent authentication/transport configuration between SNMP engine calls.

Security Parameters object is Security Model specific. UsmUserData class serves SNMPv3 User-Based Security Model configuration, while CommunityData class is used for Community-Based Security Model of SNMPv1/SNMPv2c.

class UsmUserData( securityName, authKey='', privKey='', authProtocol=usmNoAuthProtocol, privProtocol=usmNoPrivProtocol )

Create an object holding User-Based Security Model specific configuration parameters.

Mandatory securityName parameter is SNMPv3 USM username passed in as a string.

Optional authKey parameter is a secret key (string typed) used within USM for SNMP PDU authorization. Setting it to a non-empty value implies MD5-based PDU authentication (usmHMACMD5AuthProtocol) to take effect. Default hashing method may be changed by means of further authProtocol parameter.

Optional privKey parameter is a secret key (string typed) used within USM for SNMP PDU encryption. Setting it to a non-empty value implies MD5-based PDU authentication (usmHMACMD5AuthProtocol) and DES-based encryption (usmDESPrivProtocol) to take effect. Default hashing and/or encryption methods may be changed by means of further authProtocol and/or privProtocol parameters.

Optional authProtocol parameter may be used to specify non-default hash function algorithm. Possible values include:

  • usmHMACMD5AuthProtocol -- MD5-based authentication protocol
  • usmHMACSHAAuthProtocol -- SHA-based authentication protocol
  • usmNoAuthProtocol -- no authentication to use

Optional privProtocol parameter may be used to specify non-default ciphering algorithm. Possible values include:

  • usmDESPrivProtocol -- DES-based encryption protocol
  • usmAesCfb128Protocol -- AES128-based encryption protocol (RFC3826)
  • usm3DESEDEPrivProtocol -- triple DES-based encryption protocol (Extended Security Options)
  • usmAesCfb192Protocol -- AES192-based encryption protocol (Extended Security Options)
  • usmAesCfb256Protocol -- AES256-based encryption protocol (Extended Security Options)
  • usmNoPrivProtocol -- no encryption to use

All these symbols are defined in pysnmp.entity.rfc3413.oneliner.cmdgen module.

class CommunityData( communityName, mpModel=1 )

Create an object holding Community-Based Security Model specific configuration parameters.

Mandatory communityName parameter is SNMPv1/SNMPv2c Community name passed as a string.

Optional mpModel parameter indicates whether SNMPv2c (mpModel=1, default) or SNMPv1 (mpModel=0) protocol should be used.


Need help? Try PySNMP mailing lists or report to library maintainers.
SourceForge Logo