diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2021-08-08 13:43:11 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2021-08-08 13:43:11 +0000 |
| commit | 4f23daa98dc8b07f5a6167fbfd3b94f40ad02ec1 (patch) | |
| tree | dd2f217b8853dfdb4374e28d2d21847f142511b2 /etc/examples/snmpd.conf | |
| parent | 44d5fd9bbf2aa5de994de39d6478902eb3c9ca29 (diff) | |
Rework examples/snmpd.conf; show more things that people are likely to
actually need, and fewer things that they won't need. In particular don't
rely on default auth/enc settings; SNMPv3 isn't algorithm-agile, it must
be defined on both ends, so relying on a default is going to cause some
problems if it ever does change.
Diffstat (limited to 'etc/examples/snmpd.conf')
| -rw-r--r-- | etc/examples/snmpd.conf | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/etc/examples/snmpd.conf b/etc/examples/snmpd.conf index 0781f78065d..f8a313e07a3 100644 --- a/etc/examples/snmpd.conf +++ b/etc/examples/snmpd.conf @@ -1,24 +1,26 @@ -# $OpenBSD: snmpd.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $ +# $OpenBSD: snmpd.conf,v 1.2 2021/08/08 13:43:10 sthen Exp $ -listen_addr="127.0.0.1" +# Default listens on all addresses for SNMPv3 only; "listen on" overrides this +# See snmpd.conf(5) for more options (tcp, alternative ports, trap listener) +#listen on 192.0.2.1 # SNMPv3 on one specific address +#listen on 0.0.0.0 snmpv2c snmpv3 # All IPv4 addresses, both v2c + v3 +#listen on :: snmpv2c snmpv3 # All IPv6 addresses, both v2c + v3 +#listen on 127.0.0.1 snmpv2c # IPv4 localhost only, v2c -# Restrict daemon to listen on localhost only -listen on $listen_addr +# Define a RO community if you use SNMPv2c (there is no default) +#read-only community MWgp3MWbD2khaYnwy2B -# Specify a number of trap receivers -#trap receiver nms.localdomain.local +# At least one user must be defined to use SNMPv3 +#user "user1" auth hmac-sha1 authkey "password123" enc aes enckey "321drowssap" +#user "user2" auth hmac-sha256 authkey "password456" enc aes enckey "654drowssap" + +# Send traps from snmpd(8) to one or more receivers +#trap receiver nms.localdomain.local community PAV9kpE02gDPvAi source-address 192.0.2.1 # Adjust the local system information #system contact "Charlie Root (root@myhost.example.com)" #system description "Powered by OpenBSD" #system location "Rack A1-24, Room 13" -system services 74 - -# Provide static user-defined SNMP OIDs -oid 1.3.6.1.4.1.30155.42.3.1 name testStringValue read-only string "Test" -oid 1.3.6.1.4.1.30155.42.3.4 name testIntValue read-write integer 1 -# Enable SNMPv3 USM with authentication, encryption and two defined users -#seclevel enc -#user "user1" authkey "password123" enc aes enckey "321drowssap" -#user "user2" authkey "password456" enckey "654drowssap" +# Required by some management software +#system services 74 |