# [SOLVED] SNMPv3 Unknown user name?!

## humbletech99

I've installed net-snmp and was sure this was working with SNMPv3 user authentication on Friday. Suddenly it does not seem to be working today.

I stop the snmpd daemon, then type the following:

```
net-snmp-config --create-snmpv3-user -ro -A mypassword -a SHA -X mypassword -x AES myuser
```

which adds a line to the end of /var/lib/net-snmp/snmpd.conf as follows:

```
createUser myuser SHA "mypassword" AES mypassword
```

I have also added the following line to /etc/snmp/snmpd.conf:

```
rouser myuser
```

then I start snmpd as follows:

```
snmpd -Lo -C -c /etc/snmp/snmpd.conf -f
```

the problem is that when trying to do an snmpwalk I get the following error: 

```
snmpwalk -v 3 -u myuser -l authPriv -A mypassword -a SHA -X mypassword -x AES localhost

snmpwalk: Unknown user name
```

I notice in /var/lib/net-snmp/snmpd.conf that the line createuser is removed but no other lines are added, no usm line is added!

I've done all of this before last week and it worked, I don't understand why it's not working now. I wrote a script of my steps as I did this and verified that it worked, I am a bit confused as to what if anything I am missing.

I'm not sure if there is one or two problems here, because not only is snmpd swallowing the user, but when repeating the snmpwalk operation when the daemon was shut down I got exactly the same error.

Any ideas on this weirdness?

----------

## danyer

check at the bottom of /var/lib/net-snmp/snmpd.conf (scroll down, after the empty lines).

The usm entry might be there. snmpd transforms createUsers in usm entries, but it puts them at the end of the file AFTER INSERTING a couple of EMPTY lines.

From man page of snmpd.conf:

The reason  is  that  the information is read from the file and then

the line is removed (eliminating the storage of the master pass‐

word  for  that  user) and replaced with the key that is derived

from it.  This key is a localized key, so that if it  is  stolen

it  can  not be used to access other agents.  If the password is

stolen, however, it can be.

It does that, but, at least on my computer, it inserts also some empty lines, so you might not see the last line on screen, you'll see just a bunch of empty lines and you'll be tricked into thinking that there is nothing after them, but it is.

Good luck,

Dan.

----------

## humbletech99

I sorted this out by removing the -C switch, despite this being contrary to what is written on gentoo-wiki. But this is also strange because I used this switch before and it still worked, but anyway, I got it, thanks.

----------

