SNMP Configuration
Introduction
Simple Network Management Secure (SNMP) is described in detail elsewhere, see TBA.
For a general definition see: http://en.wikipedia.org/wiki/snmp, but more comprehensive information is available from http://TBA.
The following guidance might be useful in helping to configure SNMP on a Linux server (but is not yet complete).
My SNMP Configuration
Essentially the standard installation procedure as described in TBA link in the table at the bottom of the page was followed.
Log in as root for all of the following configuration activities.
Certificate Creation
Configuring SNMP on host
from: http://www.it-slav.net/blogs/2008/11/11/install-and-configure-snmp-on-rhel-or-centos/
[root@host init.d]# yum install net-snmp-utils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirror.sov.uk.goscomb.net
* base: mirror.sov.uk.goscomb.net
* extras: mirror.sov.uk.goscomb.net
* updates: mirror.sov.uk.goscomb.net
Setting up Install Process
Resolving Dependencies
== Running transaction check
=== Package net-snmp-utils.i386 1:5.3.2.2-7.el5_4.2 set to be updated
== Processing Dependency: net-snmp = 1:5.3.2.2-7.el5_4.2 for package: net-snmp-utils
== Running transaction check
=== Package net-snmp.i386 1:5.3.2.2-7.el5_4.2 set to be updated
== Processing Dependency: net-snmp-libs = 1:5.3.2.2-7.el5_4.2 for package: net-snmp
== Processing Dependency: libsensors.so.3 for package: net-snmp
== Running transaction check
=== Package lm_sensors.i386 0:2.10.7-4.el5 set to be updated
=== Package net-snmp-libs.i386 1:5.3.2.2-7.el5_4.2 set to be updated
== Finished Dependency Resolution
Dependencies Resolved
======================================================================================================================================
Package Arch Version Repository Size
======================================================================================================================================
Installing:
net-snmp-utils i386 1:5.3.2.2-7.el5_4.2 updates 185 k
Installing for dependencies:
lm_sensors i386 2.10.7-4.el5 base 513 k
net-snmp i386 1:5.3.2.2-7.el5_4.2 updates 696 k
Updating for dependencies:
net-snmp-libs i386 1:5.3.2.2-7.el5_4.2 updates 1.3 M
Transaction Summary
======================================================================================================================================
Install 3 Package(s)
Update 1 Package(s)
Remove 0 Package(s)
Total download size: 2.6 M
Is this ok [y/N]: y
Downloading Packages:
(1/4): net-snmp-utils-5.3.2.2-7.el5_4.2.i386.rpm | 185 kB 00:00
(2/4): lm_sensors-2.10.7-4.el5.i386.rpm | 513 kB 00:01
(3/4): net-snmp-5.3.2.2-7.el5_4.2.i386.rpm | 696 kB 00:01
(4/4): net-snmp-libs-5.3.2.2-7.el5_4.2.i386.rpm | 1.3 MB 00:02
--------------------------------------------------------------------------------------------------------------------------------------
Total 427 kB/s | 2.6 MB 00:06
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID e8562897
base/gpgkey | 1.5 kB 00:00
Importing GPG key 0xE8562897 "CentOS-5 Key (CentOS 5 Official Signing Key) " from /etc/pki/rpm-gpg/RPM-GPG-KE Y-CentOS-5
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : net-snmp-libs 1/5
Installing : lm_sensors 2/5
Installing : net-snmp 3/5
Installing : net-snmp-utils 4/5
Cleanup : net-snmp-libs 5/5
Installed:
net-snmp-utils.i386 1:5.3.2.2-7.el5_4.2
Dependency Installed:
lm_sensors.i386 0:2.10.7-4.el5 net-snmp.i386 1:5.3.2.2-7.el5_4.2
Dependency Updated:
net-snmp-libs.i386 1:5.3.2.2-7.el5_4.2
Complete!
[root@host init.d]# cd /etc/snmp/
[root@host snmp]# pwd
/etc/snmp
[root@host snmp]# ll
total 24
-rw-r--r-- 1 root root 18579 Oct 20 23:52 snmpd.conf
[root@host snmp]# cp snmpd.conf snmpd.conf.orig
[root@host snmp]# vi snmpd.conf
[root@host init.d]#
[root@host snmp]# ll
total 48
-rw-r--r-- 1 root root 18519 Mar 10 10:44 snmpd.conf
-rw-r--r-- 1 root root 18579 Mar 10 10:37 snmpd.conf.orig
[root@host snmp]#
[root@host snmp]# service snmpd start
Starting snmpd: [ OK ]
[root@host snmp]#
Configure to restart on system reboot in the normal manner:
[root@host snmp]# chkconfig snmpd on
[root@host snmp]# chkconfig --list | grep snmp
snmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@host snmp]#
Testing
Use snmpwalk to retrive some information in the MIB:
[root@host snmp]# snmpwalk -v 1 -c public -O e 127.0.0.1
SNMPv2-MIB::sysDescr.0 = STRING: Linux host 2.6.18-164.el5xen #1 SMP Thu Sep 3 04:47:32 EDT 2009 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (7092) 0:01:10.92
SNMPv2-MIB::sysContact.0 = STRING: Root
SNMPv2-MIB::sysName.0 = STRING: host
SNMPv2-MIB::sysLocation.0 = STRING: "family room"
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORDescr.1 = STRING: The MIB module for SNMPv2 entities
SNMPv2-MIB::sysORDescr.2 = STRING: The MIB module for managing TCP implementations
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB module for managing IP and ICMP implementations
SNMPv2-MIB::sysORDescr.4 = STRING: The MIB module for managing UDP implementations
SNMPv2-MIB::sysORDescr.5 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.6 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.7 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.8 = STRING: The management information definitions for the SNMP User-based Security Model.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.6 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.7 = Timeticks: (10) 0:00:00.10
SNMPv2-MIB::sysORUpTime.8 = Timeticks: (10) 0:00:00.10
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (1022537) 2:50:25.37
End of MIB
[root@host snmp]#
Conclusion
SNMP successfully configuration (in a basic mode). Secturity can be added by editing the
/etc/snmp/snmpd.conf file.
General Links
The following general links are useful references when setting up SNMP: