Reset net-snmp? I've forgotten the initial user password
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
add a comment |Â
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.
solaris snmp
asked Apr 2 at 16:07
user1712037
53117
53117
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp
itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf
; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser
keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd
is running, as snmpd
will then simply overwrite your changes. But when snmpd
is stopped, you can edit the file to add a createUser
line into it to create a new user - when snmpd
is restarted, it will read the file, detect any createUser
lines, encrypt the plain-text passwords on those lines, and then replace those createUser
lines with corresponding usmUser
lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd
temporarily.
Also, if you remove a user's usmUser
line (while snmpd
is stopped), then as far as snmpd
is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp
itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf
; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser
keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd
is running, as snmpd
will then simply overwrite your changes. But when snmpd
is stopped, you can edit the file to add a createUser
line into it to create a new user - when snmpd
is restarted, it will read the file, detect any createUser
lines, encrypt the plain-text passwords on those lines, and then replace those createUser
lines with corresponding usmUser
lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd
temporarily.
Also, if you remove a user's usmUser
line (while snmpd
is stopped), then as far as snmpd
is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
add a comment |Â
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp
itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf
; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser
keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd
is running, as snmpd
will then simply overwrite your changes. But when snmpd
is stopped, you can edit the file to add a createUser
line into it to create a new user - when snmpd
is restarted, it will read the file, detect any createUser
lines, encrypt the plain-text passwords on those lines, and then replace those createUser
lines with corresponding usmUser
lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd
temporarily.
Also, if you remove a user's usmUser
line (while snmpd
is stopped), then as far as snmpd
is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
add a comment |Â
up vote
1
down vote
accepted
up vote
1
down vote
accepted
There is a configuration file that is maintained by net-snmp
itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf
; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser
keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd
is running, as snmpd
will then simply overwrite your changes. But when snmpd
is stopped, you can edit the file to add a createUser
line into it to create a new user - when snmpd
is restarted, it will read the file, detect any createUser
lines, encrypt the plain-text passwords on those lines, and then replace those createUser
lines with corresponding usmUser
lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd
temporarily.
Also, if you remove a user's usmUser
line (while snmpd
is stopped), then as far as snmpd
is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
There is a configuration file that is maintained by net-snmp
itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf
; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser
keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.
You should not edit the file while snmpd
is running, as snmpd
will then simply overwrite your changes. But when snmpd
is stopped, you can edit the file to add a createUser
line into it to create a new user - when snmpd
is restarted, it will read the file, detect any createUser
lines, encrypt the plain-text passwords on those lines, and then replace those createUser
lines with corresponding usmUser
lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd
temporarily.
Also, if you remove a user's usmUser
line (while snmpd
is stopped), then as far as snmpd
is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.
answered Apr 2 at 20:34
telcoM
10.6k11032
10.6k11032
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f435076%2freset-net-snmp-ive-forgotten-the-initial-user-password%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password