1encode_keychange(1)                Net-SNMP                encode_keychange(1)
2
3
4

NAME

6       encode_keychange - produce the KeyChange string for SNMPv3
7

SYNOPSIS

9       encode_keychange -t md5|sha1 [OPTIONS]
10

DESCRIPTION

12       encode_keychange  produces  a  KeyChange  string  using the old and new
13       passphrases as described in Section 5 of RFC 2274 "User-based  Security
14       Model  (USM)  for  version  3 of the Simple Network Management Protocol
15       (SNMPv3)". -t option is mandatory and specifies the hash transform type
16       to use.
17
18       The  transform  is used to convert passphrase to master key for a given
19       user (Ku), convert master key to the localized key (Kul), and  to  hash
20       the old Kul with the random bits.
21
22       Passphrases are obtained by examining a number of sources until success
23       (in order listed):
24
25              command line options (see -N and -O options below);
26
27              the file $HOME/.snmp/passphrase.ek which should only contain two
28              lines with old and new passphrase;
29
30              standard input -or-  user input from the terminal.
31

OPTIONS

33       -E [0x]<engineID> EngineID used for Kul generation.
34              <engineID>  is  intepreted  as a hex string when preceded by 0x,
35              otherwise it is treated as a text string. If  no  <engineID>  is
36              specified,  it  is constructed from the first IP address for the
37              local host.
38
39       -f     Force passphrases to be read from standard input.
40
41       -h     Display the help message.
42
43       -N "<new_passphrase>"
44              Passphrase used to generate the new Ku.
45
46       -O "<old_passphrase>"
47              Passphrase used to generate the old Ku.
48
49       -P     Turn off the prompt for passphrases when getting data from stan‐
50              dard input.
51
52       -v     Be verbose.
53
54       -V     Echo passphrases to terminal.
55

SEE ALSO

57       The  localized key method is defined in RFC 2274, Sections 2.6 and A.2,
58       and originally documented in
59
60              U. Blumenthal, N. C. Hien, B. Wijnen, "Key Derivation  for  Net‐
61              work  Management Applications", IEEE Network Magazine, April/May
62              issue, 1997.
63
64
65
66V5.9                              16 Nov 2006              encode_keychange(1)
Impressum