Re: [Pysnmp-dev] SNMP-based creation of users
Brought to you by:
elie
Menu
▾
▴
Re: [Pysnmp-dev] SNMP-based creation of users
|
From: Ilya E. <il...@gl...> - 2006-12-24 22:43:13
|
> I see that you have "Disallow SNMP access to USM objects" on your TODO > list. My organization will be using these objects to create new users > remotely. If your TODO item means just that you will change the access > level of the objects in SNMP-USER-BASED-SM-MIB to "noaccess", that's > fine, because we can easily change the access levels. If it means > something more than that, hopefully you'll reconsider. I was also Perhaps what I meant in the TODO list is to set up a default negative view to disallow USM subtree access at Agent by Manager. Whenever user deliberately needs remote LCD access s/he would be free to change that default VACM setting. So, you're on a safe side. ;) > hoping you'd implement the algorithm that creates the encryption and > authentication keys from the usmUserAuthKeyChange and > usmUserPrivKeyChange values. Yeah, right, let me figure out how it's supposed to be done... > I have written a patch for SNMP-USER-BASED-SM-MIB.py that gives the > usmUserSecurityName object the value of usmUserName whenever the is > changed. The patch is on the website. Please consider incorporating it; > it will save your newer users some hassle should they try to create > users remotely. I've put a comment on it at the website. I'll try to re-work your patch in a more reliable way as well... Thanks, ilya |
