Network Device Credential Validator

Build a command-line tool that validates SNMPv3 credentials against network devices using different authentication and privacy protocols.

Requirements

Create a Python script credential_validator.py that accepts network device details and SNMPv3 credentials, then attempts to retrieve basic system information to verify the credentials are valid.

Command-line Interface

The script should accept the following arguments:

• --host: Target device hostname or IP address (required)
• --port: SNMP port (default: 161)
• --username: SNMPv3 username (required)
• --auth-protocol: Authentication protocol - choices: "MD5", "SHA", "SHA224", "SHA256", "SHA384", "SHA512", or "none" (required)
• --auth-key: Authentication passphrase (required if auth-protocol is not "none")
• --priv-protocol: Privacy/encryption protocol - choices: "DES", "3DES", "AES128", "AES192", "AES256", or "none" (required)
• --priv-key: Privacy passphrase (required if priv-protocol is not "none")

Functionality

The tool should:

1. Configure SNMPv3 user credentials with the specified authentication and privacy protocols
2. Query the device for its system description (OID: 1.3.6.1.2.1.1.1.0)
3. Display success message with the system description if credentials are valid
4. Display appropriate error message if credentials are invalid or connection fails
5. Handle timeout errors gracefully with a 2-second timeout

Output Format

On success, print:

SUCCESS: Credentials validated for <host>
System Description: <retrieved system description>
Security Level: <noAuthNoPriv|authNoPriv|authPriv>

On authentication failure, print:

FAILED: Authentication failed - <error details>

On connection timeout or other errors, print:

ERROR: <error description>

Test Cases

• When valid SNMPv3 credentials with SHA authentication and AES128 encryption are provided for a reachable device, the tool retrieves and displays the system description @test
• When an incorrect authentication key is provided, the tool reports an authentication failure @test
• When no authentication or privacy is specified (noAuthNoPriv security level), the tool successfully retrieves system information @test

Implementation

@generates

API

import argparse

def validate_credentials(host, port, username, auth_protocol, auth_key, priv_protocol, priv_key):
    """
    Validate SNMPv3 credentials against a network device.

    Args:
        host: Target device hostname or IP
        port: SNMP port number
        username: SNMPv3 username
        auth_protocol: Authentication protocol (MD5, SHA, SHA224, SHA256, SHA384, SHA512, or none)
        auth_key: Authentication passphrase
        priv_protocol: Privacy protocol (DES, 3DES, AES128, AES192, AES256, or none)
        priv_key: Privacy passphrase

    Returns:
        tuple: (success: bool, message: str, sys_description: str or None)
    """
    pass

def main():
    """Parse arguments and execute credential validation."""
    pass

if __name__ == "__main__":
    main()

Dependencies { .dependencies }

pysnmp { .dependency }

Provides SNMPv3 protocol support with user-based security model.