[erlang-questions] Two SNMP questions: SHA auth + authPriv, authenticationFailure trap

Scott Lystig Fritchie fritchie@REDACTED
Fri Apr 6 02:52:12 CEST 2007

Greetings -- I've got a couple of SNMP-related questions.

1. Does anyone have an Erlang/OTP SNMP agent that can successfully
   handle the crypto required by 'authPriv' (either DES or AES) when
   using the SHA authentication method?

   If yes, then would you mind sending me a copy of a "usm.conf" entry
   that works?  (Along with the clear-text passphrases :-)  I'm trying
   to figure out if my SHA auth failures are due to a configuration
   problem, an OTP bug, or something else.(*)

2. Sorry, this is an SNMPv3 newbie question, but I'm anticipating a
   probably-going-to-be-asked question from our customer.

   If my Erlang/OTP SNMP agent receives an SNMPv3 query with a bad
   user name (a usmStatsUnknownUserNames error) or bad authentication
   passphrase (a usmStatsWrongDigests error), ...

   ...  is my app supposed to be sending an authenticationFailure
   trap?  I have snmpEnableAuthenTraps.0 set to enabled(1), but it
   isn't clear to me if the authenticationFailure is only for v1 or
   v2c auth errors or for all auth errors.


(*) Yes, I've asked this question before.  The problem I'm seeing is
one where I get usmStatsDecryptionErrors errors when authenticating
with a SHA digest.  The privacy encryption method, DES or AES, doesn't
matter.  If I use MD5 auth with the same encryption method (either
one), I have no problem.

More information about the erlang-questions mailing list