It's not clear what you mean by "show privacy in your security software". What kind of manager are you using? When configuring snmp I recommend that you first do a query from the agent itself using the clsnmp command. This lets you simulate a manager function and insure security is working correctly without worrying about another machine and another manager running on another machine.
Once you verify it works with this minimum configuration then worry about configuring the manager machines.
See the manage pages for clsnmp and it's configuration file.
Once you can query, then you do this capture to insure privacy is working, something like:
snmpv3 configuration for auth and priv (max security) has a lot of parts...so configure agent and query from agent before moving to large task like configuring into your manager system
Also notice that HACMP (in case you have a cluster) is depending on SNMP communication between the nodes. Otherwise the cluster.information daemon (clinfoES) and perhaps a few others will not work any more.
Many monitoring tools (HP OpenView, for example) base their operation also on SNMP, so test thoroughly before commissioning "security enhancements".
Usually these are issued by people who never had to administrate a system and this shows. We have about two times a year some "security advisory" which would immediately stop all our servers from peroperly working would we put it into practice. Best practice is to ignore such idiotic suggestions.
Location: on the road for work; home is private time
Posts: 456
Thanks Given: 10
Thanked 108 Times in 100 Posts
I am still using snmpv1 because so many programs have not liked snmpv3. Which means I still need to make the switch someday.
To see which daemon you are using by default (snmpd (v1) or snmpdv3 look at the following:
By default AIX now uses snmpdv3ne (for snmpdv3 Non-Encrypted). The start/stop command (startsrc/stopsrc) for snmpd looks at /usr/sbin/snmpd -= so changing what it points at changes your daemon.
The get the encrypted snmpv3 daemon (snmpdv3e) you need to load the daemon from the AIX Expansion Pack.
Hello everyone:
I'm still relatively new to AIX administration and learning every day. I need to configure SNMPv3 in several servers. I tried first on a "test environment" server, no firewalls, and I was successful.
Then I moved on to the "production" servers, which are behind firewall and I... (0 Replies)
Hi Friends,
I am using AIX 6 with ksh shell, i am not able to get the commands histroy which was used earlier by pressing up and down arrow keys. Could you please help me to enable the history for ksh shell in AIX 6 OS.
Thanks in Advance.
Siva Kumar. (3 Replies)
Hi All,
I have a NFS mount filesystem, however it is not supporting a creation of filesize greater than 2 GB in it, how can i enable the option (bf = true) in it.
The AIX version is 4.3.2
Thanks in Advance!! (1 Reply)
Hi,
I am new to AIX and have been assigned a task to configure the snmp on aix which can talk to our management server. Any help in relation to this will be greatly appriciated.
Cheers,
Tarun (3 Replies)
Solaris 10 -- I created SNMPv3 users with net-snmp-config --create-snmpv3-user command. I am using HP Network Node Manager's SNMPv3 Smart Plugin to serve as the SNMP management server. Some SNMPv3 users were automatically created with the same snmpengineID. This causes NNM's brassagt proxy to... (0 Replies)