Project

General

Profile

Actions

Feature #14901

open

Feature request - Adding in the GUI the advanced SHA and AES values for SNMPv3

Added by Wolfgang Thegreat about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
NET-SNMP
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

I post this following this community forum post I published - https://forum.netgate.com/topic/183532/setting-advanced-sha-and-aes-for-snmpv3

Today, at pfSense version 2.7.0, there are the following SNMP user values to select from:
SNMPv3 USM User Configuration >
Authentication Type - either SHA or MD5 (which is counted as not secure anymore)
Privacy Protocol - either AES or DES or None (DES is also counted as non secure anymore)

At the GUI details for net-snmp at the Package Manager section, it is stated:
This package version: 0.1.5_11
Package Dependencies: net-snmp-5.9.1_3,1 (a link to https://www.freshports.org/net-mgmt/net-snmp)

Per http://www.net-snmp.org/wiki/index.php/Strong_Authentication_or_Encryption - it looks like for both SHA and EAS, advanced and stronger versions are supported since version 5.8 of net-snmp (and the package use version 5.9.1).

So, I ask to add to the pfSense GUI the advanced SHA and AES values, all the values supported by the underlying "engines", so we can select to apply them in pfSense and get a better security for our SNMP activity.

Also, consider removing and not-adding any values that are counted as not secure, like MD5 and DES, as two examples.

Thank you!

No data to display

Actions

Also available in: Atom PDF