Generates SNMPv3 hashes as described in rfc3414 suitable for use with ESXi and other SNMP daemons
Project description
A script to generate SNMPv3 keys as detailed by rfc3414 (passphrases expanded with a kdf, then hashed with the engine id). All key generation is done using the new cryptographically secure secrets library.
As I wrote this with ESXi in mind, it also emits a string suitable for configuring the SNMP daemon via esxcli/PowerCLI, but the hashes are standard and compatible with other SNMPv3 implementations.
With no arguments, it will generate an authentication and privacy passphrase with associated random engine ID in text form. –json will format the output as json.
The script is fully idempotent; if you take the parameters it generates randomly and re-enter them, you will get the same output a second time.
Dependencies
Runtime: Python 3.6 or greater.
Sample Output
Standard
User: observium Auth: gaYA82XVtNaf3WLwRgoIs544ghP6f80S / f78359764ca382922fa382cf884e588031de575a Priv: H5XEtRpxXVaGzXU5i2rFwPnYGr8SEzTp / 31a001a56a225fdfc1916bd60190405a1aa22ff0 Engine: 7ae1b0ff0aa2f3950566d3de2274d05a ESXi USM String: observium/f78359764ca382922fa382cf884e588031de575a/31a001a56a225fdfc1916bd60190405a1aa22ff0/authpriv
JSON
{
"user": "observium",
"engine": "b2a50167b7c8512ddfc9d5765a3490af",
"phrases": {
"auth": "71rOhjfj6QVSy2mw5tBo7PueZ8KWSv60",
"priv": "xwsvzht8NEcuwAlEpUKzMxKFWeH72sK9"
},
"hashes": {
"auth": "fa0d5249293404502f9953b9514d0636a96c2cbc",
"priv": "cccbdcfa603817df340514ecc22dfae8c4c412e8"
},
"esxi": "observium/fa0d5249293404502f9953b9514d0636a96c2cbc/cccbdcfa603817df340514ecc22dfae8c4c412e8/authpriv"}
It should go without saying, but DO NOT use the engine id or passphrases in the samples.
Usage
usage: snmpv3-hashgen [-h] [--auth AUTH] [--priv PRIV] [--engine ENGINE]
[--user USER] [--mode {authpriv,auth,priv,none}]
[--hash {md5,sha1}] [--json]
Convert an SNMPv3 auth or priv passphrase to sha1 or md5 hashes
optional arguments:
-h, --help show this help message and exit
--auth AUTH Authentication passphrase to be derived as a string
--priv PRIV Privacy passphrase to be derived as a string
--engine ENGINE Engine ID as hex string
--user USER SNMPv3 USM username (default "observium")
--mode {authpriv,auth,priv,none}
SNMPv3 mode (default "authpriv")
--hash {md5,sha1} Hash algorithm to use (default "sha1")
--json Emit output as json
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file SNMPv3 Hash Generator-0.2.tar.gz.
File metadata
- Download URL: SNMPv3 Hash Generator-0.2.tar.gz
- Upload date:
- Size: 4.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
11ea3433993923ace28e0cff42cd7f242ac357892aac914345590343aea599b0
|
|
| MD5 |
9d65eb680e1a07c8e934a86214b03600
|
|
| BLAKE2b-256 |
74599f60d2fb7027efc70306649acd8524b19b30125f90f2180e027936878a8f
|
File details
Details for the file SNMPv3_Hash_Generator-0.2-py3-none-any.whl.
File metadata
- Download URL: SNMPv3_Hash_Generator-0.2-py3-none-any.whl
- Upload date:
- Size: 7.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
738edc90bac237d1030f456656044f58082bf618a57376c8329f5652a7e6f06e
|
|
| MD5 |
6447b203df549d882d3dbec6e74f8db2
|
|
| BLAKE2b-256 |
eac1a8e935bb777f0bc40095ec40e537aaa17bfa34ec1ff444ecb69ec8ed5f2b
|
