Missing SHA-3 authentication protocol in checkMK for monitoring agents

Hello, I cannot seem to find any topics or documentation on this, but are the newer versions of checkMK supporting SHA 3 authentication when configuring monitoring agents on a host?
The version I am running of checkMK is a bit older, and supports MD5, SHA1, and SHA2 versions. But the host I am trying to get SNMP data from is encrypted with SHA3, so I am only getting a decryption error in return when trying to connect.

Does anyone have any suggestions/solutions?

Thanks in advance

Hi Caleen,

currently (also in the daily build of version 2.4) checkmk only supports SHA2 up to SHA2-512.

This could be something for the ideas portal.
https://ideas.checkmk.com


SHA-3 means SHA-256 or SHA-512.
There is no option for SHA-3, please test with both (256/512) as authentication protocol.


Thanks, I will consider the ideas portal.

Thanks for your response, and I tested all available options as you suggested. :slight_smile:
SHA3, on the other hand, is a different protocol than SHA2 that came in 2015 and can have an output up to 1024-bit hashes, so it requires its own config. But I guess, in checkMK, it will be for the future.

There is no SHA3 specified in any standard for authentication. It would be good to know what obscure devices you want to monitor.


Hi Caleen,

can you show us a screenshot of the configuration and a description of the device that is using SHA-3 for SNMP v3?

Hello, and sorry. I am not allowed to share configs or screens from the system/documentation as it is covered by strict confidentiality rules :see_no_evil:. But we are contacting the supplier of the software to get more specifications on what and how they have configured it. I will update if I get any more relevant info. I am hoping that there is an error/misunderstanding on their part, and that the access points are just configured/specified wrong. :crossed_fingers:


The supplier had an error on their side, and it was not sha3 that was used, it was sha1. The reason why it did not work when I tried sha1 was because they had used specified ports for snmp (11k something ports) so the normal checks did not get any response on the default 161. We have changed this back to default ports now.
Still having issues, but at least it's not a sha3 issue :slight_smile:

SNMPv3 gives this (and I know the user/passwords are correct - AES and SHA):
snmpbulkwalk: Authentication failure (incorrect password, community or key) (Exit-Code: 1)
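
Added example, not part of the original thread: SNMPv3 USM derives the authentication key from the password with the hash of the configured protocol (RFC 3414 for MD5/SHA-1, RFC 7860 for SHA-2), so a correct password combined with the wrong protocol still yields a different key. The password and engine ID below are the sample values from RFC 3414 Appendix A.3; the function names are this example's own.

```python
import hashlib

# Authentication hashes defined for SNMPv3 USM: RFC 3414 (MD5, SHA-1)
# and RFC 7860 (SHA-2). Neither RFC defines a SHA-3 entry.
USM_AUTH_HASHES = {
    "MD5": "md5", "SHA1": "sha1",
    "SHA2-224": "sha224", "SHA2-256": "sha256",
    "SHA2-384": "sha384", "SHA2-512": "sha512",
}

def password_to_key(password: bytes, protocol: str) -> bytes:
    """RFC 3414 A.2: hash 1 MiB of the repeated password to get Ku."""
    if protocol not in USM_AUTH_HASHES:
        raise ValueError(f"{protocol} is not a USM authentication protocol")
    if not password:
        raise ValueError("password must not be empty")
    reps, rem = divmod(1048576, len(password))
    stream = password * reps + password[:rem]
    return hashlib.new(USM_AUTH_HASHES[protocol], stream).digest()

def localized_key(password: bytes, engine_id: bytes, protocol: str) -> bytes:
    """Localize Ku to one agent: Kul = H(Ku || snmpEngineID || Ku)."""
    ku = password_to_key(password, protocol)
    return hashlib.new(USM_AUTH_HASHES[protocol], ku + engine_id + ku).digest()

def keys_for_all_protocols(password: bytes, engine_id: bytes) -> dict:
    """Same password and engine ID under every protocol, hex-encoded."""
    return {p: localized_key(password, engine_id, p).hex()
            for p in USM_AUTH_HASHES}

if __name__ == "__main__":
    # Sample values from RFC 3414 Appendix A.3, not from any real device.
    engine_id = bytes.fromhex("000000000000000000000002")
    for proto, key in keys_for_all_protocols(b"maplesyrup", engine_id).items():
        print(f"{proto:9} {key}")
```

Every protocol produces a different localized key from the same password, which is why the agent and the monitoring server must agree on the protocol as well as the password.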
