Reset Search
 

 

Article

How to remove default SNMP credentials in EXOS

« Go Back

Information

 
TitleHow to remove default SNMP credentials in EXOS
Objective
EXOS has default community strings for SNMPv2, and several default users for SNMPv3. This article will describe the steps needed to remove these default credentials.
Environment
EXOS All
Procedure
For SNMPv2, delete the default community strings of public and private:
 
configure snmp delete community public
configure snmp delete community private

For SNMPv3, the default users can be deleted with the commands below:
 
configure snmpv3 delete user admin
configure snmpv3 delete user initial
configure snmpv3 delete user initialmd5
configure snmpv3 delete user initialsha
configure snmpv3 delete user initialmd5Priv
configure snmpv3 delete user initialshaPriv

How to add snmpv3 users see this article, How to set up SNMPv3 on EXOS
How to delete snmpv3 group, see this article, How to delete snmpv3 default groups in EXOS

 
Additional notes
During the initial startup script on a switch with a factory default config, there is an option to disable SNMP access:
SNMP access is enabled by default. SNMP uses no encryption, SNMPv3 can be
configured to eliminate this problem.

Would you like to disable SNMP? [y/N]: Yes
Disabling all SNMP access ... done
If 'Yes' is selected here, all SNMP access to the switch will be disabled, with the command disable snmp access


In EXOS 16.1 and later, an enhanced security mode was added as an option to the startup script. If this is selected, all default SNMP users and communities will be deleted
 
This switch currently has all management methods enabled for convenience reasons.
Please answer these questions about the security settings you would like to use.
You may quit and accept the default settings by entering 'q' at any time.

The switch offers an enhanced security mode. Would you like to read more,
and have the choice to enable this enhanced security mode? [y/N/q]: Yes

Enhanced security mode configures the following defaults:

        * Disable Telnet server.
        * Disable HTTP server.
        * Disable SNMP server.
        * Remove all factory default SNMP users & community names.
        * Remove all factory default login accounts.
        * Force creation of a new admin (read-write) account.
        * Force setting of failsafe username & password.
        * Lockout accounts for 5 minutes after 3 consecutive login failures.
        * Plaintext password entry will not be allowed.
        * Generate an event when the logging memory buffer exceeds 90% of capacity.
        * Only admin privilege accounts are permitted to run "show log".
        * Only admin privilege accounts are permitted to run "show diagnostics".

Would you like to use this enhanced security mode? [Y/n/q]:


For further information on these default credentials, see What default SNMP credentials are present in EXOS?

 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255