Allied Telesis AT-S95 CLI User Manual

SNMP Commands

Page 195

Syntax

snmp-server user username groupname [remote engineid-string] [ auth-md5 password | auth-sha password |
auth-md5-key md5-des-keys | auth-sha-key sha-des-keys ]

no snmp-server user username [remote engineid-string]

Parameters
•

username—Specifies the name of the user on the host that connects to the agent. (Range: 1-30 characters)

•

groupname—Specifies the name of the group to which the user belongs. (Range: 1-30 characters)

•

engineid-string—Specifies the engine ID of the remote SNMP entity to which the user belongs. The engine ID

is a concatenated hexadecimal string. Each byte in the hexadecimal character string is two hexadecimal
digits. Each byte can be separated by a period or colon. (Range: 5-32 characters)

•

auth-md5 password—Indicates the HMAC-MD5-96 authentication level. The user should enter a password

for authentication and generation of a DES key for privacy. (Range: 1-32 characters)

•

auth-sha password—Indicates the HMAC-SHA-96 authentication level. The user should enter a password

for authentication and generation of a DES key for privacy. (Range: 1-32 characters)

•

auth-md5-key md5-des-keys—Indicates the HMAC-MD5-96 authentication level. The user should enter a

concatenated hexadecimal string of the MD5 key (MSB) and the privacy key (LSB). If authentication is only
required, 16 bytes should be entered; if authentication and privacy are required, 32 bytes should be entered.
Each byte in the hexadecimal character string is two hexadecimal digits. Each byte can be separated by a
period or colon. (16 or 32 bytes)

•

auth-sha-key sha-des-keys—Indicates the HMAC-SHA-96 authentication level. The user should enter a

concatenated hexadecimal string of the SHA key (MSB) and the privacy key (LSB). If authentication is only
required, 20 bytes should be entered; if authentication and privacy are required, 36 bytes should be entered.
Each byte in the hexadecimal character string is two hexadecimal digits. Each byte can be separated by a
period or colon. (20 or 36 bytes)

Default Configuration

No group entry exists.

Command Mode

Global Configuration mode

User Guidelines

If auth-md5 or auth-sha is specified, both authentication and privacy are enabled for the user.

When a show running-config Privileged EXEC mode command is entered, a line for this user will not be
displayed. To see if this user has been added to the configuration, type the show snmp users Privileged EXEC
mode command.

An SNMP EngineID has to be defined to add SNMP users to the device. Changing or removing the SNMP
EngineID value deletes SNMPv3 users from the device’s database.

The remote engineid designates the remote management station and should be defined to enable the device to
receive informs.

Example

The following example configures an SNMPv3 user John in group user-group.

Console(config)# snmp-server user John user-group