This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

What does 'password is a key' mean?

I recently set snmp configuration and encounter a problem.When I uncheck 'password is a key',the result will be test successful.Otherwise,it will be test failed.Could someone please tell me what does 'password is a key' mean?

Parents
  • I don't see that anyone answered your question yet. This is my understanding. Someone can further clarify or correct me where I'm wrong. 

    Simple answer/Generalization: Different devices read in different formats. It is similar to video file encoding. Some files are supported naturally on Windows Media Player (like MP4s). To play other files on Windows Media Player. (like MKVs) you need to download CODECs for the files to work. The same concept applies to the devices running SNMPv3.

     SNMPv3 keys are usually written in ASCII. A majority of machines you run across will handle information written in ASCII. For different reasons (cheap manufacturer or type encryption used), some machines won't process ASCII the way you want. The machines that don't use ASCII keys, encrypt data differently into "Blocks". Depending on the equipment you are using and the mode of encryption the device runs, you may need to click the "Password is a key" check box to create a unique key for the local device. Because of the encryption mode or because of the manufacture's decision, ASCII might not work.

    An example: some people might say "Use AES-128" when encrypting data. AES-128 is a broad term. There are 5 modes/versions of AES-128. They are ECB, CBC, CFB, OFB, & CTR. On some equipment, you might see something like CFB-AES-128 listed when you are choosing an encryption type. CFB is fairly common and is only compatible with CFB. For CFB, you would simply use a password in SolarWinds for it to work. On the other hand, if your equipment supported OFB-AES-128, you would need to click "Password is a key" for it to work. The encryption mode works differently, and ASCII strings don't necessarily work for OFB.

    Does that make sense?  

Reply
  • I don't see that anyone answered your question yet. This is my understanding. Someone can further clarify or correct me where I'm wrong. 

    Simple answer/Generalization: Different devices read in different formats. It is similar to video file encoding. Some files are supported naturally on Windows Media Player (like MP4s). To play other files on Windows Media Player. (like MKVs) you need to download CODECs for the files to work. The same concept applies to the devices running SNMPv3.

     SNMPv3 keys are usually written in ASCII. A majority of machines you run across will handle information written in ASCII. For different reasons (cheap manufacturer or type encryption used), some machines won't process ASCII the way you want. The machines that don't use ASCII keys, encrypt data differently into "Blocks". Depending on the equipment you are using and the mode of encryption the device runs, you may need to click the "Password is a key" check box to create a unique key for the local device. Because of the encryption mode or because of the manufacture's decision, ASCII might not work.

    An example: some people might say "Use AES-128" when encrypting data. AES-128 is a broad term. There are 5 modes/versions of AES-128. They are ECB, CBC, CFB, OFB, & CTR. On some equipment, you might see something like CFB-AES-128 listed when you are choosing an encryption type. CFB is fairly common and is only compatible with CFB. For CFB, you would simply use a password in SolarWinds for it to work. On the other hand, if your equipment supported OFB-AES-128, you would need to click "Password is a key" for it to work. The encryption mode works differently, and ASCII strings don't necessarily work for OFB.

    Does that make sense?  

Children
No Data