Technical Documentation

Configuring the Encryption Type

By default, encryption is set to none.

Note: Before you configure encryption, you must configure MD5 or SHA authentication.

Before you configure the privacy-3des and privacy-aes128 statements, you must install the jcrypto package.

This topic includes the following sections:

Configuring the Advanced Encryption Standard Algorithm

To configure the Advanced Encryption Standard (AES) algorithm for an SNMPv3 user, include the privacy-aes128 statement at the [edit snmp v3 usm local-engine user username] hierarchy level:

[edit snmp v3 usm local-engine user username]privacy-aes128 {privacy-password privacy-password;}

privacy-password is the password used to generate the key used for encryption.

SNMPv3 has special requirements when you create plain-text passwords on a router or switch:

  • The password must be at least eight characters long.
  • The password can include alphabetic, numeric, and special characters, but it cannot include control characters.

Configuring the Data Encryption Algorithm

To configure the data encryption algorithm (DES) for an SNMPv3 user, include the privacy-des statement at the [edit snmp v3 usm local-engine user username] hierarchy level:

[edit snmp v3 usm local-engine user username]privacy-des {privacy-password privacy-password;}

privacy-password is the password used to generate the key used for encryption.

SNMPv3 has special requirements when you create plain-text passwords on a router or switch:

  • The password must be at least eight characters long.
  • The password can include alphabetic, numeric, and special characters, but it cannot include control characters.

Configuring Triple DES

To configure triple DES for an SNMPv3 user, include the privacy-3des statement at the [edit snmp v3 usm local-engine user username] hierarchy level:

[edit snmp v3 usm local-engine user username]privacy-3des {privacy-password privacy-password;}

privacy-password is the password used to generate the key used for encryption.

SNMPv3 has special requirements when you create plain-text passwords on a router or switch:

  • The password must be at least eight characters long.
  • The password can include alphabetic, numeric, and special characters, but it cannot include control characters.

Configuring No Encryption

To configure no encryption for an SNMPv3 user, include the privacy-none statement at the [edit snmp v3 usm local-engine user username] hierarchy level:

[edit snmp v3 usm local-engine user username]privacy-none;

Published: 2010-04-27