beautypg.com

Displaying the engine id – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 359

background image

Multi-Service IronWare Security Configuration Guide

341

53-1003035-02

Using the User-Based Security model

10

NOTE

The SNMP group to which the user account will be mapped should be configured before creating the
user accounts; otherwise, the group will be created without any views. Also, ACL groups must be
configured before configuring user accounts.

The v3 parameter is required.

The access standard-acl-id parameter is optional. It indicates that incoming SNMP packets are
filtered based on the ACL attached to the user account.

NOTE

The ACL specified in a user account overrides the ACL assigned to the group to which the user is
mapped. If no ACL is entered for the user account, the ACL configured for the group is used to filter
packets.

The encrypted parameter means that the MD5 or SHA password will be a digest value. MD5 has 16
octets in the digest. SHA has 20. The digest string has to be entered as a hexadecimal string. In this
case, the agent need not generate any explicit digest. If the encrypted parameter is not used, the
user is expected to enter the authentication password string for MD5 or SHA. The agent converts
the password string to a digest, as described in RFC 3414.

The optional auth md5 | sha parameter defines the type of encryption the user must have to be
authenticated. The choices are MD5 and SHA encryption (the two authentication protocols used in
SNMP version 3).

The md5-password and sha-password define the password the user must use to be authenticated.
These password must have a minimum of 8 characters. If the encrypted parameter is used, then
the digest has 16 octets for MD5 or 20 octets for SHA.

NOTE

Once a password string is entered, the generated configuration displays the digest (for security
reasons), not the actual password.

The priv [encrypted] parameter is optional after you enter the md5 or sha password. The priv
parameter specifies the encryption that is used to encrypt the privacy password. If the encrypted
keyword is used, do the following:

If DES is the privacy protocol to be used, enter des des-password-key and enter a 16-octet DES
key in hexadecimal format for the des-password-key. If you include the encrypted keyword,
enter a password string of at least 8 characters.

If AES is the privacy protocol to be used, enter aes and an aes-password-key. Enter either 12
(for a small key) or 16 (for a big key) characters for the aes-password-key. If you include the
encrypted keyword, enter a password string containing 32 hexadecimal characters.

Displaying the engine ID

To display the engine ID of a management module, enter a command such as the following.

Brocade(config)# show snmp engineid

Local SNMP Engine ID: 800007c70300e05290ab60

Engine Boots: 3

Engine time: 5

Syntax: show snmp engineid

See also other documents in the category Brocade Computer Accessories: