Snmpv3 authentication protocols, Snmpv3 privacy protocol – Allied Telesis AT-S63 User Manual
Page 421

AT-S63 Management Software Menus Interface User’s Guide
Section IV: SNMPv3
421
“SNMPv3 Configuration Example” on page 428
SNMPv3
Authentication
Protocols
The SNMPv3 protocol supports two authentication protocols—HMAC-
MD5-96 (MD5) and HMAC-SHA-96 (SHA). Both MD5 and SHA use an 
algorithm to generate a message digest. Each authentication protocol 
authenticates a user by checking the message digest. In addition, both 
protocols use keys to perform authentication. The keys for both protocols 
are generated locally using the Engine ID, a unique identifier that is 
assigned to the switch automatically, and the user password. You modify a 
key only by modifying the user password.
In addition, you have the option of assigning no user authentication. In this 
case, no authentication is performed for this user. You may want to make 
this configuration for someone with super-user capabilities.
Note
The keys generated by the MD5 and SHA protocols are specific to 
the SNMPv3 protocol. They have no relation to the SSL and SSH 
keys for encryption.
SNMPv3 Privacy
Protocol
After you have configured an authentication protocol, you have the option 
of assigning a privacy protocol if you have the encrypted version of the 
AT-S63 software. In SNMPv3 protocol terminology, privacy is equivalent to 
encryption. Currently, the DES protocol is the only encryption protocol 
supported. The DES privacy protocol requires the authentication protocol 
to be configured as either MD5 or SHA.
If you assign a DES privacy protocol to a user, then you are also required 
to assign a privacy password. If you choose to not assign a privacy value, 
then SNMPv3 messages are sent in plain text format.
