SNMP security credentials

SNMPv1 community names and write-access settings, and SNMPv3 usernames continue to be saved in the running configuration file even when you enter the include-credentials command.

In addition, the following SNMPv3 security parameters are also saved:

snmpv3 user <Name> [auth [<md5 | sha>] <Auth-Pass>]
                   [priv [<des | aes>] <Priv-Pass>]

Parameters

<Name>

The name of an SNMPv3 management station.

<md5 | sha>

Selects the authentication method.

<Auth-Pass>

Specifies the authentication password.

<des | aes>

Selects the privacy encryption method.

<Priv-Pass>

Specifies the privacy password used by a privacy protocol to encrypt SNMPv3 messages between the switch and the station.

The following example shows the additional security credentials for SNMPv3 users that can be saved in a running-config file.

Security credentials saved in the running-config

snmpv3 user boris \
auth md5 “9e4cfef901f21cf9d21079debeca453” \
priv “82ca4dc99e782db1a1e914f5d8f16824”

snmpv3 user alan \
auth sha “8db06202b8f293e9bc0c00ac98cf91099708ecdf” \
priv “5bc4313e9fd7c2953aaea9406764fe8bb629a538”

Although you can enter an SNMPv3 authentication or privacy password in either clear ASCII text or the SHA-1 hash of the password, the password is displayed and saved in a configuration file only in hashed format, as shown in the preceding example.

See "Configuring for Network Management Applications" in the management and configuration guide for your switch for more information about the configuration of SNMP security parameters.