snmpv3 auth/priv password length - SNMP

This is a discussion on snmpv3 auth/priv password length - SNMP ; hi, is there any standard (rfc) mentioning about minimum snmpv3 auth/priv password length has to be 8 characters? snmpc (castle rock) and net-snmp have this as requirement. any hints would be greatly appreciated. thanks....

+ Reply to Thread
Results 1 to 3 of 3

Thread: snmpv3 auth/priv password length

  1. snmpv3 auth/priv password length

    hi,
    is there any standard (rfc) mentioning about minimum snmpv3 auth/priv
    password length has to be 8 characters?
    snmpc (castle rock) and net-snmp have this as requirement.

    any hints would be greatly appreciated.

    thanks.

  2. Re: snmpv3 auth/priv password length

    See RFC 3414 11.2 Defining Users:

    If the Appendix A algorithm is used, SNMP
    implementations (and SNMP configuration applications) must ensure
    that passwords are at least 8 characters in length. Please note that
    longer passwords with repetitive strings may result in exactly the
    same key. For example, a password 'bertbert' will result in exactly
    the same key as password 'bertbertbert'.

    In other words, if you use 'bertbert' as password it results in the same
    key as if you would have used 'bert'. Consequently, you can work-around
    the min. 8 characters limitation, although it would not make your key very
    secure.

    Regards,
    Frank Fock

    lunar dee wrote:

    >hi,
    >is there any standard (rfc) mentioning about minimum snmpv3 auth/priv
    >password length has to be 8 characters?
    >snmpc (castle rock) and net-snmp have this as requirement.
    >
    >any hints would be greatly appreciated.
    >
    >thanks.
    >
    >



  3. Re: snmpv3 auth/priv password length

    thanks, Frank.
    i don't know why i missed that part when reading the doc.

    just out of my curiousity regarding the "bert" repetition:
    does this hold true for a password like "aaaaaaaa"?
    will it result the same thing when a user puts "aaaaaaaaaaaa" (longer
    than that of the original) as password?

    thanks.

+ Reply to Thread