0

I just installed a server with Alma 9 and SNMPv3 is no longer working.
My devices are all with `MD5` and `DES`. With Alma 8 everything works OK, but when I try to use the same command in Alma 9, it gives me an error.
The command: 
snmpwalk -v3  -l authPriv -u public -a MD5 -A "pass1"  -x DES -X "pass2" 10.1.11.21

When I use it on Alma 9: Invalid privacy protocol specified after -3x flag: DES
SNMP on Alma 8: 5.8-25
SNMP on Alma 9: 5.9-1
Is there any news about this no longer being available? A way that I can use this protocol so that I don't have to change on all my devices?

Romeo Ninov
  • 5,263
  • 4
  • 20
  • 26
Carlos Parisotto
  • 35
  • 1
  • 6

1 Answers1

2

Per the upstream RHEL 9 considerations and changes documentation:

Data Encryption Standard (DES) algorithm is not available for net-snmp communication in Red Hat Enterprise Linux 9

In previous versions of RHEL, DES was used as an encryption algorithm for secure communication between net-snmp clients and servers. In RHEL 9, the DES algorithm isn’t supported by the OpenSSL library. The algorithm is marked as insecure and the DES support for net-snmp has therefore been removed.

Update your devices, that crypto is insecure.

Using EL8 for now gives some time to transition, but not forever. An enterprise distro removing an algorithm completely means it is not going to be available much longer, with supported software.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34