• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Setting advanced sha and aes for SNMPv3

Scheduled Pinned Locked Moved SNMP
3 Posts 2 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    Wolfgangthegreat
    last edited by Oct 20, 2023, 2:41 PM

    Hello,

    I use the latest current pfSense version, 2.7.0.

    I installed the net-snmp package.

    I noticed that when configuring a user for SNMPv3, there are the following "close" options to select from:
    SNMPv3 USM User Configuration >
    Authentication Type - either SHA or MD5 (which is counted as not secure anymore)
    Privacy Protocol - either AES or DES or None (DES is also counted as non secure anymore)

    At the details for net-snmp at the Package Manager section, it is stated:
    This package version: 0.1.5_11
    Package Dependencies: net-snmp-5.9.1_3,1 (a link to https://www.freshports.org/net-mgmt/net-snmp)

    Per http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption - it looks like for both SHA and EAS, advanced and stronger versions are supported since version 5.8 of net-snmp (and the package use version 5.9.1).

    So, my question is why these advance values are not reflected in the GUI of net-snmp?

    Also, can I somehow configure this in the shell cli instead?
    And if it is possible - will it not make any issues with the GUI of net-snmp or overall the snmp operation?

    Thanks!

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Oct 20, 2023, 6:18 PM

      The only reason they aren't there is because nobody has done the work to make sure they function and add them into the package.

      As long as the new options function as expected it should be possible to add them in the package.

      You can open a feature request to add them in Redmine: https://redmine.pfsense.org/projects/pfsense-packages/issues

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      W 1 Reply Last reply Oct 20, 2023, 6:33 PM Reply Quote 1
      • W
        Wolfgangthegreat @jimp
        last edited by Oct 20, 2023, 6:33 PM

        @jimp Thanks for replying.

        I opened at matching feature request at https://redmine.pfsense.org/issues/14901. Crossing my fingers... :)

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received