Template:FAQ:Agent 23
The simplest way is to use the configure directives:
rocommunity public (for SNMPv1/2c) rwcommunity private
or
rouser user1 (for SNMPv3) rwuser user2
These specify the community names or security names to accept for
read-only and read-write access to the whole of the supported MIB tree.
(Obviously you should change these names to match your requirements -
which is a particularly good idea in the case of 'rwcommunity'
!)
Note that you should not specify the
same community name for both rocommunity
and rwcommunity
directives.
The rwcommunity
setting automatically provides read access,
and having both lines (with the same community name) may result in
unexpected behaviour. Only use both settings when
specifying different community names.
The same holds true for rouser
and rwuser
.
The two community directives can be restricted to only allow requests
from particular sources, and all four can can be restricted to particular
subtree or (from v5.3) a named view. See 'snmpd.conf(5)'
for details.
These directives are effectively wrappers round the core access control
mechanism, which uses the four directives 'com2sec', 'group', 'view'
and 'access'
to provide a more efficient and flexible control
over who can access which portions of the tree.
See the next entry for the gory details.