CentOS 7.0 - man page for encode_keychange (centos section 1)
|Linux & Unix Commands - Search Man Pages
encode_keychange(1) Net-SNMP encode_keychange(1)
encode_keychange - produce the KeyChange string for SNMPv3
encode_keychange -t md5|sha1 [OPTIONS]
encode_keychange produces a KeyChange string using the old and new passphrases as
described in Section 5 of RFC 2274 "User-based Security Model (USM) for version 3 of the
Simple Network Management Protocol (SNMPv3)". -t option is mandatory and specifies the
hash transform type to use.
The transform is used to convert passphrase to master key for a given user (Ku), convert
master key to the localized key (Kul), and to hash the old Kul with the random bits.
Passphrases are obtained by examining a number of sources until success (in order listed):
command line options (see -N and -O options below);
the file $HOME/.snmp/passphrase.ek which should only contain two lines with old and
standard input -or- user input from the terminal.
-E [0x]<engineID> EngineID used for Kul generation.
<engineID> is intepreted as a hex string when preceded by 0x, otherwise it is
treated as a text string. If no <engineID> is specified, it is constructed from the
first IP address for the local host.
-f Force passphrases to be read from standard input.
-h Display the help message.
Passphrase used to generate the new Ku.
Passphrase used to generate the old Ku.
-P Turn off the prompt for passphrases when getting data from standard input.
-v Be verbose.
-V Echo passphrases to terminal.
The localized key method is defined in RFC 2274, Sections 2.6 and A.2, and originally doc-
U. Blumenthal, N. C. Hien, B. Wijnen, "Key Derivation for Network Management Appli-
cations", IEEE Network Magazine, April/May issue, 1997.
V5.7.2 16 Nov 2006 encode_keychange(1)
All times are GMT -4. The time now is 06:16 AM.