createUser myusername SHA "passwd1" AES "passwd2"
rouser  myusername  priv

Reduce logging


In /etc/systemd/system/

Replace any LSw or LO4 with LSc or LOc, like this:

ExecStart=/usr/sbin/snmpd -LOc -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f -p /run/

From man snmpcmd, the priorities recognized are:

0 or ! for LOG_EMERG,
1 or a for LOG_ALERT,
2 or c for LOG_CRIT,
3 or e for LOG_ERR,
4 or w for LOG_WARNING,
5 or n for LOG_NOTICE,
6 or i for LOG_INFO, and
7 or d for LOG_DEBUG.

Then this (seems reload for snmpd isn’t enough):

sudo systemctl daemon-reload
sudo systemctl restart snmpd


snmpwalk – retrieve a subtree of management values using SNMP GETNEXT requests

snmpwalk -v3 -l authPriv -u [User name] -a MD5 -A [User password] -x DES -X [DES password] [IP address of host] [OID of system information MIB]
snmpwalk -v3 -l authPriv -u myusername -a SHA -A "passwd1" -x AES -X "passwd2" .


Restrictions to community strings and passwords

So these additional characters:


MD5 or SHA-x ?


AES or DES ?

AES is more secure and better as compared to DES because of its effective and variable key size. Secondly, It allows us to choose either 128, 192 or 256 bit key which makes it exponentially stronger than 56 bit key. Moreover, it makes it harder to break the encryption.