2024年6月28日 星期五

ubuntu install snmpv3 設定

ubuntu install snmpv3 設定 

cilent端

===========================================

sudo apt install snmp snmpd libsnmp-dev

sudo service snmpd stop

sudo net-snmp-config --create-snmpv3-user -ro -X AES -A SHA -a my_authpass -x my_privpass snmpv3user

sudo net-snmp-create-v3-user -ro -X AES -A SHA -a my_authpass -x my_privpass snmpv3user

/etc/snmp/snmpd.conf

###########################################################################

#

# snmpd.conf

# An example configuration file for configuring the Net-SNMP agent ('snmpd')

# See snmpd.conf(5) man page for details

#

###########################################################################

# SECTION: System Information Setup

#


# syslocation: The [typically physical] location of the system.

#   Note that setting this value here means that when trying to

#   perform an snmp SET operation to the sysLocation.0 variable will make

#   the agent return the "notWritable" error code.  IE, including

#   this token in the snmpd.conf file will disable write access to

#   the variable.

#   arguments:  location_string

sysLocation    Sitting on the Dock of the Bay

sysContact     Me <me@example.org>


# sysservices: The proper value for the sysServices object.

#   arguments:  sysservices_number

sysServices    72

###########################################################################

# SECTION: Agent Operating Mode

#

#   This section defines how the agent will operate when it

#   is running.

# master: Should the agent operate as a master agent or not.

#   Currently, the only supported master agent type for this token

#   is "agentx".

#

#   arguments: (on|yes|agentx|all|off|no)

master  agentx

# agentaddress: The IP address and port number that the agent will listen on.

#   By default the agent listens to any and all traffic from any

#   interface on the default SNMP port (161).  This allows you to

#   specify which address, interface, transport type and port(s) that you

#   want the agent to listen on.  Multiple definitions of this token

#   are concatenated together (using ':'s).

#   arguments: [transport:]port[@interface/address],...

#agentaddress  127.0.0.1,[::1]

###########################################################################

# SECTION: Access Control Setup

#

#   This section defines who is allowed to talk to your running

#   snmp agent.

# Views

#   arguments viewname included [oid]

#  system + hrSystem groups only

view   systemonly  included   .1.3.6.1.2.1.1

view   systemonly  included   .1.3.6.1.2.1.25.1

view   systemview  included   .1

# rocommunity: a SNMPv1/SNMPv2c read-only access community name

#   arguments:  community [default|hostname|network/bits] [oid | -V view]

# Read-only access to everyone to the systemonly view

rocommunity  public default -V systemonly

rocommunity6 public default -V systemonly

# SNMPv3 doesn't use communities, but users with (optionally) an

# authentication and encryption string. This user needs to be created

# with what they can view with rouser/rwuser lines in this file.

#

# createUser username (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224) authpassphrase [DES|AES] [privpassphrase]

# e.g.

# createuser authPrivUser SHA-512 myauthphrase AES myprivphrase

#

# This should be put into /var/lib/snmp/snmpd.conf

#

# rouser: a SNMPv3 read-only access username

#    arguments: username [noauth|auth|priv [OID | -V VIEW [CONTEXT]]]

rouser authPrivUser authpriv -V systemonly

# include a all *.conf files in a directory

includeDir /etc/snmp/snmpd.conf.d

存檔後

sudo systemctl restart snmpd

================================================================

zabbix server

sudo apt install snmp snmpd libsnmp-dev

看是否抓到資料

sudo snmpwalk -v 3 -a SHA -A my_authpass -x AES -X my_privpass -l authpriv -u snmpv3user guestip | head -10

沒有留言:

張貼留言