SNMPv3 keys vs passwords

foonly
Kilo Contributor

‎03-23-2017 10:32 AM

The Wiki says to enter SNMPv3 keys for auth and priv, but most of our devices (Cisco IOS) do not show the keys.

Credentials - ServiceNow Wiki

If the device does show the key, no 2 devices will have the same key unless the device supports entering a local key instead of a password.  

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-boo..."There is currently no standard for generating localized keys for 192- or 256-bit size keys for AES or for 168-bit size key for 3-DES."

We have setup all our devices using passwords.

How can we enter SNMPv3 passwords in ServiceNow Credentials instead of keys?

How do other customers cope with this, besides staying on SNMPv2?

Thanks!

=seymour=

0 Helpfuls
  • 1,830 Views
1 REPLY 1

foonly
Kilo Contributor

‎03-30-2017 11:00 AM

I just noticed that the wiki is only good through Fuji. We are on Instanbul. The doc page there still shows it asking for keys, and not passwords:



Add an SNMPv3 user credential in Discovery



Maybe the boxes are mislabeled on the form. Are   people entering their SNMPv3 AUTH and PRIV passwords in the boxes labeled "Authentication key" and "Privacy key"? Does it work?



Or are people just doing NoAuthNoPriv, in which case, which is effectively like doing SNMPv2, and insecure?



=seymour=


0 Helpfuls