Does net-snmp support AES-192 and AES-256 encryption?

Optimus picture Optimus · Sep 14, 2015 · Viewed 9.8k times · Source

The network device has been configured with snmpv3 users which uses AES192 as the privacy protocol.But when the following command is executed

snmpwalk -v3 -l authPriv -u user -a SHA -A authpass -x AES256 -X privpass device_ip:161 oid

It throws the following error

Invalid privacy protocol specified after -x flag: AES256

but when i tried using AES128 encryption the snmpwalk worked perfectly fine,which made me think if AES192&256 features are supported if not why was it not included.

Answer

Lex Li picture Lex Li · Sep 15, 2015

The original SNMP RFC documents do not require those.

Thus, along with other reasons Net-SNMP never supports them,

http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption

Update in 2019: In Aug 2018, net-snap 5.8 introduced support for such, please refer to the same link for more info.