Adds (and modifies) an SNMPv3 user.
| hex_user_name | Specifies the user name to add or modify. The value is to be supplied as a colon separated string of hex octets. |
| user_name | Specifies the user name to add or modify in ASCII format. |
| engine-id | SNMP engine id. If not specified, the user is created with the local engine id. |
| engine_id | Engine id (in hexadecimal)"; type="ostring_t |
| authentication | Specifies the authentication password or hex string to use for generating the authentication key for this user. |
| md5 | Specifies RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication. |
| sha | Specifies SHA authentication. |
| localized-key | Following value is a MD5 or SHA digest of the engine-id and user's password. |
| auth_localized_key | Authentication localized key (in hexadecimal) ) ;type="ostring_t" |
|
privacy |
Specifies the privacy password or hex string to use for generating the privacy key for this user. |
| des | Specifies the use of the 56-bit DES algorithm for encryption. This is the default. |
| 3des | Specifies the use of the 168-bit 3DES algorithm for encryption. |
| aes | Specifies the use of the AES algorithm for encryption. |
| 128 | Specifies the use of the 128-bit AES algorithm for encryption. |
| 192 | Specifies the use of the 192-bit AES algorithm for encryption. |
| 256 | Specifies the use of the 256-bit AES algorithm for encryption. |
| priv_localized_key | Privacy localized key (in hexadecimal)"; type="ostring_t" |
| volatile | Specifies volatile storage. By specifying volatile storage, the configuration is not saved across a switch reboot. |
authentication—no authentication.
privacy—no privacy.
non-volatile storage.
Use this command to create or modify an SNMPv3 user configuration.
The default user names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv. The initial password for admin is password. For the other default users, the initial password is the user name.
If hex is specified, supply a 16 octet hex string for RSA Data Security, Inc. MD5 Message-Digest Algorithm, or a 20 octet hex string for SHA.
You must specify authentication if you want to specify privacy. There is no support for privacy without authentication.
Note
3DES, AES 192, and AES 256 bit encryptions are proprietary implementations and may not work with some SNMP managers.
SNMPv3 password and localized-key are saved to the configuration file using AES256-CBC encryption.
The following command configures the user guest on the local SNMP Engine with security level noauth (no authentication and no privacy):
configure snmpv3 add user guest
The following command configures the user authMD5 to use RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication with the password palertyu:
configure snmpv3 add user authMD5 authentication md5 palertyu
The following command configures the user authShapriv to use SHA authentication with the hex key shown below, the privacy password palertyu, and volatile storage:
configure snmpv3 add user authShapriv authentication sha hex 01:03:04:05:01:05:02:ff:ef:cd:12:99:34:23:ed:ad:ff:ea:cb:11 privacy palertyu volatile
This command was first available in ExtremeXOS 10.1.
The hex_user_name parameter was added in ExtremeXOS 11.0.
Support for 3DES and AES was added in ExtremeXOS 12.3.
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.