Reset net-snmp? I've forgotten the initial user password

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
This is on Solaris 10 and Solaris 11.3.







share|improve this question
























    up vote
    0
    down vote

    favorite












    I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
    This is on Solaris 10 and Solaris 11.3.







    share|improve this question






















      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
      This is on Solaris 10 and Solaris 11.3.







      share|improve this question












      I created an SNMP initial user several years ago for a project and have forgotten the password. Is there a way to reset net-snmp back to default, no users, and recreate the initial user and subsequent users?
      This is on Solaris 10 and Solaris 11.3.









      share|improve this question











      share|improve this question




      share|improve this question










      asked Apr 2 at 16:07









      user1712037

      53117




      53117




















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          1
          down vote



          accepted










          There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.



          You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.



          Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.






          share|improve this answer




















            Your Answer







            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: false,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );








             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f435076%2freset-net-snmp-ive-forgotten-the-initial-user-password%23new-answer', 'question_page');

            );

            Post as a guest






























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            1
            down vote



            accepted










            There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.



            You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.



            Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.






            share|improve this answer
























              up vote
              1
              down vote



              accepted










              There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.



              You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.



              Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.






              share|improve this answer






















                up vote
                1
                down vote



                accepted







                up vote
                1
                down vote



                accepted






                There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.



                You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.



                Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.






                share|improve this answer












                There is a configuration file that is maintained by net-snmp itself. On Debian Linux, it's at /var/lib/snmp/snmpd.conf; I don't know exactly where net-snmp puts it on Solaris. But that file contains user definitions as long lines, starting with the usmUser keyword. The user's password will be stored in encrypted/hashed form, so you cannot read it. But the username will be plainly readable on the line.



                You should not edit the file while snmpd is running, as snmpd will then simply overwrite your changes. But when snmpd is stopped, you can edit the file to add a createUser line into it to create a new user - when snmpd is restarted, it will read the file, detect any createUser lines, encrypt the plain-text passwords on those lines, and then replace those createUser lines with corresponding usmUser lines. That way, you could add a new user with a known password and full admin access without knowing the old password, as long as you have write access to that file and can stop snmpd temporarily.



                Also, if you remove a user's usmUser line (while snmpd is stopped), then as far as snmpd is concerned, that user no longer exists. So that's one way to delete net-snmp users without knowing the net-snmp admin password.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Apr 2 at 20:34









                telcoM

                10.6k11032




                10.6k11032






















                     

                    draft saved


                    draft discarded


























                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f435076%2freset-net-snmp-ive-forgotten-the-initial-user-password%23new-answer', 'question_page');

                    );

                    Post as a guest













































































                    Popular posts from this blog

                    How to check contact read email or not when send email to Individual?

                    Displaying single band from multi-band raster using QGIS

                    How many registers does an x86_64 CPU actually have?