How to install snmpd service for Ubuntu

SNMPD is the service running SNMP on a managed entity. SNMP comes in 3 versions. Version 1, the one we are going to use here is not secured, therefore we are going to make sure that only localhost is going to be able to access it.
People opening the service to the outside should make sure that trusted hosts can access the service either though the use of iptables or through the use of /etc/hosts.allow.

The NET-SNMP project provides various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. The snmpd package contains the snmpd and snmptrapd daemons, documentation, etc.

1.1. Installing the SNMP server

The only package which is required on the server site is snmpd, the SNMP daemon.

To install it type:

$ sudo apt-get install snmpd

snmpd is now installed but we still have to tweak it a little bit to make it work as we want.

1.2. Configuring SNMPD

The default configuration for snmpd is rather paranoid for security reasons. Edit /etc/snmp/snmpd.conf or run snmpconf to allow greater access. You can individually control whether or not snmpd and snmpdtrap are run by editing /etc/default/snmpd.

Configure SNMPD

Edit /etc/snmp/snmpd.conf, enter:
# sudo gedit /etc/snmp/snmpd.conf
Edit or update file as follows:

smuxsocket 127.0.0.1
rocommunity setMeHere
com2sec local     localhost           public
group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
view all    included  .1                               80
access MyRWGroup ""      any       noauth    exact  all    all    none

com2sec notConfigUser  default       mrtg
group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser
view    systemview    included   .1.3.6.1.2.1.1
view    systemview    included   .1.3.6.1.2.1.25.1.1
view    systemview    included  .1                               80
access  notConfigGroup ""      any       noauth    exact  systemview none none

syslocation Athens Greece
syscontact Ubuntu.gr <info@ubuntu.gr>


See snmpd.conf(5) man page for details. Edit /etc/default/snmpd, enter:
# sudo gedit /etc/default/snmpd
Update it as follows:

 
# This file controls the activity of snmpd and snmptrapd
 
# MIB directories.  /usr/share/snmp/mibs is the default, but
# including it here avoids some strange problems.
export MIBDIRS=/usr/share/snmp/mibs

 
# snmpd control (yes means start daemon).
SNMPDRUN=yes
 
# snmpd options (use syslog, close stdin/out/err).
# 
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid '

 
# snmptrapd control (yes means start daemon).  As of net-snmp version
# 5.0, master agentx support must be enabled in snmpd before snmptrapd
# can be run.  See snmpd.conf(5) for how to do this.
TRAPDRUN=no
 
# snmptrapd options (use syslog).

TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
 
# create symlink on Debian legacy location to official RFC path
SNMPDCOMPAT=yes

Restart Snmpd Service

Type the following command:
# sudo /etc/init.d/snmpd restart
Sample outputs:

Restarting network management services: snmpd.

1.3. Checking SNMP configuration:

We are going to use the snmpwalk utility to verify that the server is working as wanted.

$ snmpwalk -v 1 -c mrtg 10.xxx.xxx.xxx

Should return a lot of output

Source: http://www.cyberciti.biz/faq/debain-ubuntu-install-net-snmpd-server/

 

How to configure SNMPv3 in ubuntu 13.10 server

 

Install SNMP server and client in ubuntu

Open the terminal and run the following command

sudo apt-get install snmpd snmp

After installation you need to do the following changes.

Configuring SNMPv3 in Ubuntu

Get access to the daemon from the outside.

The default installation only provides access to the daemon for localhost. In order to get access from the outside open the file /etc/default/snmpd in your favorite editor

sudo vi /etc/default/snmpd

Change the following line

From

SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -g snmp -I -smux,mteTrigger,mteTriggerConf -p /var/run/snmpd.pid’

to

SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf’

and restart snmpd

sudo /etc/init.d/snmpd restart

Define SNMPv3 users, authentication and encryption parameters

SNMPv3 can be used in a number of ways depending on the “securityLevel” configuration parameter:

noAuthNoPriv — No authorisation and no encryption, basically no security at all!
authNoPriv — Authorisation is required but collected data sent over the network is not encrypted.
authPriv — The strongest form. Authorisation required and everything sent over the network is encrypted.

The snmpd configuration settings are all saved in a file called /etc/snmp/snmpd.conf. Open this file in your editor as in:

sudo vi /etc/snmp/snmpd.conf

Add the following lines to the end of the file:

#
createUser user1
createUser user2 MD5 user2password
createUser user3 MD5 user3password DES user3encryption
#
rouser user1 noauth 1.3.6.1.2.1.1
rouser user2 auth 1.3.6.1.2.1
rwuser user3 priv 1.3.6.1.2.1

Note:- If you want to use your own username/password combinations you need to note that the password and encryption phrases should have a length of at least 8 characters

Also you need to do the following change so that snmp can listen for connections on all interfaces

From

#agentAddress udp:161,udp6:[::1]:161

to

agentAddress udp:161,udp6:[::1]:161

Save your modified snmpd.conf file and restart the daemon with:

sudo /etc/init.d/snmpd restart

Tags: