snmpv3 user
Syntax
snmpv3 user <NAME> [auth <AUTH-PROTOCOL> auth-pass {plaintext | ciphertext}
<AUTH-PWORD> [priv <PRIV-PROTOCOL> priv-pass {plaintext | ciphertext} <PRIV-PWORD>] ]
no snmpv3 user <NAME> [auth <AUTH-PROTOCOL> auth-pass
<AUTH-PWORD> [priv <PRIV-PROTOCOL> priv-pass <PRIV-PWORD>] ]
Description
Creates an SNMPv3 user and adds it to an SNMPv3 context. The
no
form of this command removes the specified SNMPv3 user.
For more details on the user enabled status, see
snmpv3 security-level
.
Command context
config
Parameters
<NAME>
Specifies the SNMPv3 username. Range 1 - 32 printable ASCII characters, excluding space and question mark.
auth <AUTH-PROTOCOL>
Specifies the authentication protocol used to validate user logins. Available options are:
md5
orsha
.auth-pass {plaintext | ciphertext} <AUTH-PWORD>
Specifies the SNMPv3 user password. Range for
plaintext
is 8 - 32 printable ASCII characters, excluding space and question mark.Range for
ciphertext
is 1 - 120 printable ASCII characters. This option is only used when copying user configuration settings between switches. It enables you to duplicate a user's configuration on another switch without having to know their password.priv <PRIV-PROTOCOL>
Specifies the SNMPv3 security protocol (encryption method). Available options are:
aes
ordes
.priv-pass {plaintext | ciphertext} <PRIV-PWORD>
Specifies the SNMPv3 user privacy passphrase. Range for
plaintext
is 8 - 32 printable ASCII characters, excluding space and question mark.Range for
ciphertext
is 1 - 120 printable ASCII characters. This option is only used when copying user configuration settings between switches. It enables you to duplicate a user's configuration on another switch without having to know their password.
Authority
Administrators or local user group members with execution rights for this command.
Examples
Defining an SNMPv3 user named Admin using sha authentication with the plaintext password mypassword and using des security with the plaintext password myprivpass:
switch(config)# snmpv3 user Admin auth sha auth-pass plaintext mypassword priv des priv-pass plaintext myprivpass
Removing an SNMPv3 user named
Admin
:
switch(config)# no snmpv3 user Admin
Defining an SNMPv3 user named Admin using sha authentication with the plaintext password mypassword and using des security with the plaintext password myprivpass:
switch(config)# snmpv3 user Admin auth sha auth-pass plaintext mypassword priv des priv-pass plaintext myprivpass
Copying an SNMP user from switch 1 to switch 2.
On switch 1, configure a user called
Admin, then issue the
show running-config
command to display switch configuration settings. The snmpv3 user command uses the
ciphertext
option to protect the users's passwords.
switch1(config)# snmpv3 user Admin auth sha auth-pass plaintext mypassword priv des priv-pass plaintext myprivpass switch1(config)# exit switch1# show running-config Current configuration: ! !Version ArubaOS-CX XL.10.04.0001AD ! ! ! snmpv3 user Admin auth sha auth-pass ciphertext AQBapZHf2d20GYr/xcGUzYzm0zjNf/4VKHtSqbNImqtfYbJYCgAAALkGFJVcSp3nZ3o= priv des priv-pass ciphertext AQBapb0H2poBQKXPoVsC9L9qzZyfJQnzR7hmTr7LGsOsI7K3CgAAAKP98Rq2jfTrFwQ= ssh server vrf mgmt ! ! ! ! interface mgmt no shutdown ip dhcp vlan 1
On switch 2, execute the snmpv3 user command that was displayed by
show running-config
on switch 1. This creates the user on switch 2 with the same configuration settings.
switch1(config)# snmpv3 user Admin auth sha auth-pass ciphertext AQBapZHf2d20GYr/xcGUzYzm0zjNf/4VKHtSqbNImqtfYbJYCgAAALkGFJVcSp3nZ3o= priv des priv-pass ciphertext AQBapb0H2poBQKXPoVsC9L9qzZyfJQnzR7hmTr7LGsOsI7K3CgAAAKP98Rq2jfTrFwQ=