SNMP v3 users not shown in running-config

Ralf sent me a SNMPv3 question:
If I create a SNMPv3 user which has a password (snmp-server user userthree groupthree v3 auth md5 user3passwd), this user does not appear in the running- or startup-config. Cisco even documents this if you know what to look for.

I strongly suspect (although I did not test this) that these users are also missing from configuration exported to TFTP servers. What would be the recommended way to make usable config backups of routers with such users?
Like certificates, the SNMPv3 users are stored in private-config and thus never appear in the router configuration. If you want to have a backup of the user data, create a text file on one of your NMS servers, add SNMPv3 usernames and passwords in the text file and use the copy somewhere running-config to configure SNMPv3 users on the routers.
This article is part of You've asked for it series.

4 comments:

  1. Good good good......
  2. We replaced a SUP card and never replaced the SNMPv3 user information. LMS was able to monitor the switch for seven days with no user information. Why is this?
  3. Use "sh snmp user" to see snmp users
Add comment
Sidebar