10-01-2024 01:17 AM
Hi!
I know that the snmp v3 user is not visable in the configuration for ios XE, but is there any way of extracting the password hash so that it can be copied to other routers?
I am looking at templating a router configuration via python/inja2 and it would be useful to be able have the snmp user in the template but without using the actual password.
I am trying to avoid the use of a vault type solution.
10-01-2024 03:09 AM
- That is not possible because of security you could for instance have a generic template as in:
snmp-server group {{ snmp_group }} v3 priv
snmp-server user {{ snmp_user }} {{ snmp_group }} v3 auth sha {{ auth_password }} priv aes 128 {{ priv_password }}
And then use a Python script with actual values :
from jinja2 import Template
template = Template('''
snmp-server group {{ snmp_group }} v3 priv
snmp-server user {{ snmp_user }} {{ snmp_group }} v3 auth sha {{ auth_password }} priv aes 128 {{ priv_password }}
''')
config = template.render(
snmp_group='YOUR_SNMP_GROUP',
snmp_user='YOUR_SNMP_USER',
auth_password='YOUR_AUTH_PASSWORD',
priv_password='YOUR_PRIV_PASSWORD'
)
print(config)
M.
10-01-2024 04:19 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide