1. Home
  2. Knowledge Base
  3. Problems (EN)
  4. Configuring net-snmp agents in GNU/Linux for SNMP v3

Configuring net-snmp agents in GNU/Linux for SNMP v3

On the remote server to be monitored, a user ID must be generated with parameters for authentication (access control) and encryption (privacy), specifying the encryption algorithm and the encryption password that will be used. See the manual (man) entry on snmpd.conf for more information.

For the net-snmp agent shipped with most versions of Linux, create /etc/snmp/snmpd.conf with entries like:

 # For SNMP V3
 # Uncomment next 5 lines
 com2sec snmpv3test localhost    dummycontext
 com2sec snmpv3test pan51        dummycontext
 group snmpv3group       usm     snmpv3test
 access snmpv3group        ""      usm       priv    exact  all     all   all
 rwuser paco

Create SNMPv3 User

Now, use the net-snmp-config utility to create the SNMP v3 user (‘paco’ in this case). You need to specify a password for authentication (-A) and a password for encryption (-X), along with the algorithms to be used for authentication and encryption. Please note that on CentOS/RHEL, net-snmp-devel must be installed to provide net-snmp-config.

To do this, first stop snmpd:

# /etc/init.d/snmpd stop

Then run the following command:

# net-snmp-config --create-snmpv3-user -A authsample -X encsample -x DES -a MD5 paco

/var/lib/net-snmp/snmpd.conf is modified with (hidden) encryption key and rwuser ‘paco’ is added to this file (/etc/snmp/snmpd.conf).


Test your SNMPv3 configuration as follows:

 $ snmpwalk -v 3 -a MD5 -A authsample -l authNoPriv -u paco sample_target system
 $ snmpwalk -v 3 -a MD5 -A authsample -X encsample -l authPriv -u paco sample_target system

The tests shown above are to a target called ‘sample_target’ for the MIB-2 system tree.

Note: Different implementations of net-snmp on different Operating Systems may work slightly different. For example, OpenSUSE does not need the net-snmp-devel package and the rwuser is created in a separate snmpd.conf under /usr/share/snmp (which is created automatically if it doesn’t exist).

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support