Does net-snmp support AES-192 and AES-256 encryption?

aes snmp net-snmp
Optimus picture Optimus · Sep 14, 2015 · Viewed 9.8k times · Source

The network device has been configured with snmpv3 users which uses AES192 as the privacy protocol.But when the following command is executed

snmpwalk -v3 -l authPriv -u user -a SHA -A authpass -x AES256 -X privpass device_ip:161 oid

It throws the following error

Invalid privacy protocol specified after -x flag: AES256

but when i tried using AES128 encryption the snmpwalk worked perfectly fine,which made me think if AES192&256 features are supported if not why was it not included.

Answer

Lex Li picture Lex Li · Sep 15, 2015

The original SNMP RFC documents do not require those.

Thus, along with other reasons Net-SNMP never supports them,

http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption

Update in 2019: In Aug 2018, net-snap 5.8 introduced support for such, please refer to the same link for more info.

Related questions

Java 256-bit AES Password-Based Encryption

I need to implement 256 bit AES encryption, but all the examples I have found online use a "KeyGenerator" to generate a 256 bit key, but I would like to use my own passkey. How can I create my own key? I …

Read More
Initial bytes incorrect after Java AES/CBC decryption

What's wrong with the following example? The problem is that the first part of the decrypted string is nonsense. However, the rest is fine, I get... Result: `£eB6O�geS��i are you? Have a nice day. @Test public void …

Read More
How to choose an AES encryption mode (CBC ECB CTR OCB CFB)?

Which of them are preferred in which circumstances? I'd like to see the list of evaluation crtieria for the various modes, and maybe a discussion of the applicability of each criterion. For example, I think one of the criteria is "…

Read More