From e032db5752d6f89d9de7cfddab2d12a3f2fe6fcd Mon Sep 17 00:00:00 2001 From: Teemu Mikkonen Date: Sat, 22 Oct 2016 10:11:21 +0300 Subject: [PATCH] Added configuration info for more secure SNMPv3 (#1294) * Added configuration info for more secure SNMPv3 * Add inline code markdown for variable names --- .../_components/device_tracker.snmp.markdown | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/source/_components/device_tracker.snmp.markdown b/source/_components/device_tracker.snmp.markdown index e2bde595b32..ab33595cefc 100644 --- a/source/_components/device_tracker.snmp.markdown +++ b/source/_components/device_tracker.snmp.markdown @@ -29,20 +29,36 @@ OID examples: - pfSense: `1.3.6.1.2.1.4.22.1.2` (tested on 2.2.4-RELEASE, need to enable SNMP service) - TPLink: `1.3.6.1.2.1.3.1.1.2.19.1` (Archer VR2600v, need to enable SNMP service) -To use the SNMP platform in your installation, add the following to your `configuration.yaml` file: +To use the SNMP version 1 platform in your installation, add the following to your `configuration.yaml` file: ```yaml -# Example configuration.yaml entry +# Example configuration.yaml entry for SNMP version 1 device_tracker: - platform: snmp host: 192.168.1.1 community: public baseoid: 1.3.6.1.4.1.14988.1.1.1.2.1.1 ``` + +If you want to use encryption, you must enable SNMP version 3 by adding `authkey` and `privkey` variables and enabling SNMP version 3 on your router. Currently only SHA1 is supported for authentication and AES for encryption. Example of SNMPv3 configuration: + +```yaml +# Example configuration.yaml entry for SNMP version 3 +device_tracker: + - platform: snmp + host: 192.168.1.1 + community: username + authkey: authpass + privkey: privpass + baseoid: 1.3.6.1.4.1.14988.1.1.1.2.1.1 +``` + Configuration variables: - **host** (*Required*): The IP address of the router, eg. 192.168.1.1. - **community** (*Required*): The SNMP community which is set for the device. Most devices have a default community set to to `public` with read-only permission (which is sufficient). - **baseoid** (*Required*): The OID prefix where wireless client registrations can be found, usually vendor specific. It's advised to use the numerical notation. To find this base OID, check vendor documentation or check the MIB file for your device. +- **authkey** (*Inclusive*): Authentication key for SNMPv3. Variable privkey must also be set. +- **privkey** (*Inclusive*): Privacy key SNMPv3. Variable authkey must also be set. See the [device tracker component page](/components/device_tracker/) for instructions how to configure the people to be tracked.