[erlang-questions] Two SNMP questions: SHA auth + authPriv, authenticationFailure trap

Scott Lystig Fritchie <>
Mon Apr 16 04:39:51 CEST 2007


>>>>> "mjb" == Martin Bjorklund <> writes:

mjb> Note how Secret16 is always used. and it is derived from md5.
mjb> The code should use the first 16 bytes for the SHA entry.

(Sorry about the delay ... I've been travelling.)

Yes, I see.  Thank you very much for finding that error.  I understand
now how to create the key hashes for all combinations of MD5/SHA and
DES/AEX AES AES for agent/usm.conf.

Hint to OTP maintainers: that'd be a good bugfix to add to the
next maintenance release.  :-)

>> 2. Sorry, this is an SNMPv3 newbie question, but I'm anticipating a
>> probably-going-to-be-asked question from our customer.
>> 
>> If my Erlang/OTP SNMP agent receives an SNMPv3 query with a bad
>> user name (a usmStatsUnknownUserNames error) or bad authentication
>> passphrase (a usmStatsWrongDigests error), ...
>> 
>> ...  is my app supposed to be sending an authenticationFailure
>> trap?  I have snmpEnableAuthenTraps.0 set to enabled(1), but it
>> isn't clear to me if the authenticationFailure is only for v1 or
>> v2c auth errors or for all auth errors.

mjb> Good question.  I would say that it should be sent for these USM
mjb> errors.  Is it?

No, it is not.

-Scott



More information about the erlang-questions mailing list