Bad security model error in the net-snmpd.log file for the RSA Authentication Manager 8.x hardware appliance
Originally Published: 2019-03-01
Article Number
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1SP1, 8.2, 8.3
Issue
...
/etc/snmp/snmpd.conf: line 30: Error: bad security model, should be: v1, v2c or usm or a registered security plugin name
net-snmp: 1 error(s) in config file(s)
NET-SNMP version 5.4.2.1
[smux_accept] accepted fd 14 from 127.0.0.1:42560
accepted smux peer: oid SNMPv2-SMI::enterprises.674.10892.1, descr Systems Management SNMP MIB Plug-in Manager
Got trap from peer on fd 14
...
This error is occurs only on the RSA Authentication Manager hardware appliance. Therefore, if you use virtual appliances, you do not run into this error.
Cause
Although a context parameter for the access directive includes a space between double quotes (shown below in bold), the parameter should not include the space:
... # Allow Systems Management Data Engine SNMP to connect to snmpd using SMUX smuxpeer .1.3.6.1.4.1.674.10892.1 view all included .1 access notConfigGroup " " any noauth exact all none none ...
Workaround
- Launch an SSH client, such as PuTTY.
- Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to login.
- Navigate to /etc/snmp:
cd /etc/snmp
- Copy the original /etc/snmp/snmpd.conf:
cp snmpd.conf snmpd.conf.bak
- Open /etc/snmp/snmpd.conf as root using a text editor
/etc/snmp> sudo vi /etc/snmp/snmpd.conf rsaadmin's password: <enter operating system password>
- Scroll the the access notConfigGroup line.
- Delete the space between the double quotes.
Before:
access notConfigGroup " " any noauth exact all none none
After:
access notConfigGroup "" any noauth exact all none none
- Save and close /etc/snmp/snmpd.conf.
- Restart the snmpd service as root.
/sbin/service snmpd restart
- After that, /var/log/net-snmpd.log does not record the bad security model error:
Received TERM or STOP signal... shutting down... NET-SNMP version 5.4.2.1
Related Articles
How to factory reset an RSA Authentication Manager 8.x hardware appliance without a factory reset button from the Operatio… Number of Views How to determine the RSA Authentication Manager 8.x hardware platform Number of Views Running ./rsaserv command displays errors on the log4j file for RSA Authentication Manager 8.x Number of Views Error message in RSA Authentication Manager 8.x Security Console or Self-Service Console when logging in with LDAP password Number of Views How to migrate from RSA Authentication Manager hardware appliance or virtual appliance to virtual appliance in another pla… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
