[j-nsp] SNMPv3 Type $9 Passwords ?
wojciech.janiszewski at gmail.com
Wed Jun 21 05:05:22 EDT 2017
Please refer to RFC2574 for details of password to key algorithm.
2017-06-20 16:46 GMT+02:00 kevin gannon <kevin at gannons.net>:
> We are using Ansible to push configurations and also check the
> configuration in ansible versus what is on the box.
> The checking leads to an annoying problem. For auth keys using $9 style
> passwords we can generate them in advance in the Ansible scripts and deploy
> them as keys rather than passwords. What this means is when the check is
> run an Ansible diff there is no mismatch.
> However SNMPv3 somehow uses the SNMP engine-id as part of the hashing. But
> I cant figure out the logic to it. I know I could just ignore it but it is
> bothering me :-(.
> Take the sample below
> set snmp v3 usm remote-engine 0000000000 user 00000000 authentication-md5
> authentication-password 00000000
> If you decrypt the $9$ you get the below
> It does look like 2 x MD5 hashes but there is an extra character so am at a
> Any help much appreciated.
> Thanks and regards
> juniper-nsp mailing list juniper-nsp at puck.nether.net
More information about the juniper-nsp