encode_keychange(1) - Linux man page

Name

encode_keychange - produce the KeyChange string for SNMPv3

Synopsis

encode_keychange -t md5|sha1 [OPTIONS]

Description

encode_keychange produces a KeyChange string using the old and new passphrases as described in Section 5 of RFC 2274 "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)". -t option is mandatory and specifies the hash transform type to use.

The transform is used to convert passphrase to master key for a given user (Ku), convert master key to the localized key (Kul), and to hash the old Kul with the random bits.

Passphrases are obtained by examining a number of sources until success (in order listed):

command line options (see -N and -O options below);

the file $HOME/.snmp/passphrase.ek which should only contain two lines with old and new passphrase;

standard input -or- user input from the terminal.

Options

-E [0x]<engineID> EngineID used for Kul generation.

<engineID> is intepreted as a hex string when preceeded by 0x, otherwise it is treated as a text string. If no <engineID> is specified, it is constructed from the first IP address for the local host.
-f Force passphrases to be read from standard input. -h Display the help message.
-N "<new_passphrase>": Passphrase used to generate the new Ku.
-O "<old_passphrase>": Passphrase used to generate the old Ku.
-P Turn off the prompt for passphrases when getting data from standard input. -v Be verbose. -V Echo passphrases to terminal.

encode_keychange(1) - Linux man page

Name

Synopsis

Description

Options

See Also