For the snmpv2c example, use a community which is something more like

the sort of thing which should actually be used (a proper random string
rather than a common word, and especially not a common word that is the
default for much SNMP software). The example here is restricted to
127.0.0.1 but it's easy to adapt to something where it's more unsafe
so better not to give the example. ok martijn@

diff --git a/usr.sbin/snmpd/snmpd.conf.5 b/usr.sbin/snmpd/snmpd.conf.5
index 17fd39d..bf2fd69 100644 (file)
--- a/usr.sbin/snmpd/snmpd.conf.5
+++ b/usr.sbin/snmpd/snmpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: snmpd.conf.5,v 1.56 2021/08/10 07:53:57 martijn Exp $
+.\" $OpenBSD: snmpd.conf.5,v 1.57 2021/08/11 18:35:02 sthen Exp $
 .\"
 .\" Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: August 10 2021 $
+.Dd $Mdocdate: August 11 2021 $
 .Dt SNMPD.CONF 5
 .Os
 .Sh NAME
@@ -402,12 +402,13 @@ Example configuration file.
 .Sh EXAMPLES
 The following example will tell
 .Xr snmpd 8
-to listen on localhost for SNMPv2c messages only with the public community,
-override the default system OID, set the magic services value and provides some
-custom OID values:
+to listen on localhost for SNMPv2c messages only with the community
+.Dq 8LHQtm1QLGzk ,
+override the default system OID, set the magic services value,
+and provide some custom OID values:
 .Bd -literal -offset indent
 listen on 127.0.0.1 snmpv2c
-read-only community public
+read-only community 8LHQtm1QLGzk
 
 system oid 1.3.6.1.4.1.30155.23.2
 system services 74