Reset net-snmp? I've forgotten the initial user password
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
asked Apr 2 at 16:07
user1712037
53117
add a comment |Â
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
asked Apr 2 at 16:07
user1712037
53117
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
asked Apr 2 at 16:07
user1712037
53117
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
asked Apr 2 at 16:07
user1712037
53117
asked Apr 2 at 16:07
user1712037
53117
asked Apr 2 at 16:07
user1712037
53117
asked Apr 2 at 16:07
user1712037
53117
53117
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.
Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.
Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
add a comment |Â
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.
Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.
Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.
Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
answered Apr 2 at 20:34
telcoM
10.6k11032
answered Apr 2 at 20:34
telcoM
10.6k11032
answered Apr 2 at 20:34
telcoM
10.6k11032
10.6k11032
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f435076%2freset-net-snmp-ive-forgotten-the-initial-user-password%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
