How to disable version 1 and version 2c in snmpd?
Comment out the lines that start with com2sec
, group
, and access
in snmpd.conf, e.g:
[root@sandbox snmp]# cat snmpd.conf
#com2sec notConfigUser default public
#group notConfigGroup v1 notConfigUser
#group notConfigGroup v2c notConfigUser
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
#access notConfigGroup "" any noauth exact systemview none none
#com2sec local 0.0.0.0/0 publicrw
#com2sec mynetwork 0.0.0.0/0 publicro
#group MyRWGroup any local
#group MyROGroup any mynetwork
view all included .1 80
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
#access MyROGroup "" any noauth 0 all none none
#access MyRWGroup "" any noauth 0 all all all
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
rwuser readonly
[root@sandbox snmp]# snmpwalk -v1 -c public localhost
Timeout: No Response from localhost
[root@sandbox snmp]# snmpwalk -v2c -c public localhost
Timeout: No Response from localhost
[root@sandbox snmp]# snmpwalk -v 3 -n '' -l authPriv -u "readonly" -A "readonly" -X "readonly" localhost IF-MIB::ifName
IF-MIB::ifName.1 = STRING: lo
IF-MIB::ifName.2 = STRING: eth0
IF-MIB::ifName.3 = STRING: eth1