CE6850 配置snmp-agent v3用户的密码时报错,无法配置

发布时间:  2016-03-29 浏览次数:  219 下载次数:  0
问题描述

CE6850 V100R005C00SPC300

大致配置如下:

snmp-agent
snmp-agent local-engineid 800007DB039017ACBAA731
snmp-agent community read cipher %^%#yotzHQ^d0+:;01G*Rq+>*g\_If079P3+oM/~<jV#y[*,S@62uQe[.H(36JiU>A5Z+WPC6K+(_iCkDnZ0%^%# mib-view userinfo acl 2052
#
snmp-agent sys-info contact N01
snmp-agent sys-info location 3G-01-17/31+33U
snmp-agent sys-info version all
snmp-agent target-host trap address udp-domain 10.180.9.188 params securityname user1 v3
#
snmp-agent usm-user password complexity-check disable
snmp-agent mib-view included aaa internet
snmp-agent mib-view excluded userinfo hwAaa
snmp-agent mib-view excluded userinfo hwCfgOperateTable
snmp-agent mib-view excluded userinfo hwCollectTable
snmp-agent mib-view included userinfo internet
snmp-agent mib-view excluded userinfo snmpUsmMIB
snmp-agent mib-view excluded userinfo snmpVacmMIB
snmp-agent usm-user v3 user1
snmp-agent usm-user v3 user1 group group1
#

配置snmp-agent v3的用户时报错,无法配置成功,报错如下:

[~siadcaslhwy6]snmp-agent usm-user v3 user1 authentication-mode sha cipher Huawei@123_1234567890_Admin@123_J1
Error: Invalid encrypted password.
[~siadcaslhwy6]snmp-agent usm-user v3 user1 authentication-mode sha cipher huawei@123
                                                                           ^
Error: Wrong parameter found at '^' position.

处理过程

1、根据当前报错信息,直接配置密码huawei@123时报错,应为密码复杂度检测导致,关闭复杂度检测snmp-agent usm-user password complexity-check disable,关闭后故障依旧;

2、根据命令讲解,authentication-mode sha后面跟的密码关闭复杂度检测后,复杂度没有任何要求,密码可以随意配置;再次核实配置,发现当前配置还多了cipher参数,cipher指定密码后,密码必须为字符串形式,不支持空格,区分大小写,仅支持密文,长度范围是32~392。重新使用命令:

[~HUAWEI] snmp-agent usm-user v3 u1 group g1 [*HUAWEI] snmp-agent usm-user v3 u1 authentication-mode sha

Please configure the authentication password (8-255)                            

Enter Password:                                                                 

Confirm Password:

 

配置成功

根因
命令使用错误,配置sha后可以直接回车输入密码,无需cipher
解决方案

[~HUAWEI] snmp-agent usm-user v3 u1 group g1 [*HUAWEI] snmp-agent usm-user v3 u1 authentication-mode sha

Please configure the authentication password (8-255)                            

Enter Password:     

建议与总结
snmp-agent创建用户组时注意详细研究命令,不能经验主义,cipher在以前local-user输入密码时只是显示密文的意思,但是在该命令后面则是完全不同的密码复杂度要求,切记注意研究命令的参数详解

END