Accessing the switch

User configuration

Users can be configured to use the authentication/privacy options. The HP 10GbE switch supports two authentication algorithms: MD5 and SHA, as specified in the following command:

/cfg/sys/ssnmp/snmpv3/usm <x>/auth md5sha

1.To configure a user with name admin, authentication type MD5, authentication password of admin, and privacy option DES with privacy password of admin, use the following CLI commands:

>> # /cfg/sys/ssnmp/snmpv3/usm 5

 

>> SNMPv3 usmUser 5 # name "admin"

(Configure ‘admin’ user type)

>> SNMPv3 usmUser 5

# auth md5

 

>> SNMPv3 usmUser 5

# authpw admin

 

>> SNMPv3 usmUser 5

# priv des

 

>> SNMPv3 usmUser 5

# privpw admin

 

2. Configure a user access group, along with the views the group may access. Use the access table to configure the group’s access level.

>> # /cfg/sys/ssnmp/snmpv3/access 5

 

>> SNMPv3 vacmAccess 5 #

name "admingrp"

(Configure an access group)

>> SNMPv3 vacmAccess 5

#

level authPriv

 

>> SNMPv3 vacmAccess 5

#

rview "iso"

 

>> SNMPv3 vacmAccess 5

#

wview "iso"

 

>> SNMPv3 vacmAccess 5

#

nview "iso"

 

Because the read view (rview), write view (wview), and notify view (nview) are all set to “iso,” the user type has access to all private and public MIBs.

3. Assign the user to the user group. Use the group table to link the user to a particular access group. >> # /cfg/sys/ssnmp/snmpv3/group 5

>> SNMPv3 vacmSecurityToGroup 5 # uname admin >> SNMPv3 vacmSecurityToGroup 5 # gname admingrp

If you want to allow user access only to certain MIBs, see the “View based configurations” section.

15

Page 15
Image 15
HP 445946-001 manual User configuration, Cfg/sys/ssnmp/snmpv3/usm x/auth md5sha