Re: [Isms] #1: is it important to support anonymous user accesstoSNMP?

To: ietfdbh at comcast.net
Subject: Re: [Isms] #1: is it important to support anonymous user accesstoSNMP?
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Mon, 24 Oct 2005 18:15:57 -0400
Cc: isms at ietf.org
In-reply-to: <00fc01c5d8e2$10a38e90$0400a8c0@DJYXPY41> (David B. Harrington's message of "Mon, 24 Oct 2005 17:29:49 -0400")
List-archive: <http://www1.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@lists.ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.lists.ietf.org>
List-post: <mailto:isms@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=unsubscribe>
References: <00fc01c5d8e2$10a38e90$0400a8c0@DJYXPY41>
Sender: isms-bounces at lists.ietf.org
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

>>>>> "David" == David B Harrington <ietfdbh at comcast.net> writes:


    David> Personally, rather than seeing support for a wide variety
    David> of authentication alternatives, I'd like to see us support
    David> the widely-deployed SSH authentication mechanisms that
    David> serve SNMP needs. I am willing to accept that we should
    David> support any authentication mechanism REQUIRED or
    David> RECOMMENDED for use with the SecSH standard.

I think as a matter of architectural sanity you need to support any
authentication mechanism that works with the ssh protocol regardless
of whether it is recommended for use.

    David> Is anonymous SSH authentication supported by the secsh
    David> standards?

Sure.  Two ways.  The easiest is that the server simply returns
success when you start user authentication instead of giving you
methods to choose from.  I've also seen servers that offer
keyboard-interactive and when you select it simply return success.
The second is that you have some well known credential.

--Sam


_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms

References:
- RE: [Isms] #1: is it important to support anonymous user accesstoSNMP?
  - From: David B Harrington

Prev by Date: [Isms] WG Action: RECHARTER: Integrated Security Model for SNMP (isms)
Next by Date: RE: [Isms] #1: is it important to support anonymous user accesstoSNMP?
Previous by thread: RE: [Isms] #1: is it important to support anonymous user accesstoSNMP?
Next by thread: Re: [Isms] #1: is it important to support anonymous user accesstoSNMP?
Index(es):
- Date
- Thread

Re: [Isms] #1: is it important to support anonymous user accesstoSNMP?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.