If RHEL 9 installed Hide DES option

[bmfmancini]

If Cacti is deployed on RHEL9+ we should hide the DES option as support has been removed
at the OS level by openssl/Redhat and I suspect Rocky may be the same

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.0_release_notes/deprecated_functionality

OpenSSL deprecates MD2, MD4, MDC2, Whirlpool, RIPEMD160, Blowfish, CAST, DES, IDEA, RC2, RC4, RC5, SEED, and PBKDF1

The OpenSSL project has deprecated a set of cryptographic algorithms because they are insecure, uncommonly used, or both. Red Hat also discourages the use of those algorithms, and RHEL 9 provides them for migrating encrypted data to use new algorithms. Users must not depend on those algorithms for the security of their systems.

The implementations of the following algorithms have been moved to the legacy provider in OpenSSL: MD2, MD4, MDC2, Whirlpool, RIPEMD160, Blowfish, CAST, DES, IDEA, RC2, RC4, RC5, SEED, and PBKDF1.

See the /etc/pki/tls/openssl.cnf configuration file for instructions on how to load the legacy provider and enable support for the deprecated algorithms.

([BZ#1975836](https://bugzilla.redhat.com/show_bug.cgi?id=1975836))

Although netsnmp will show the option to use DES the command will fail
Cacti already provides a message that DES is not supported on this system

If the install is a Migration from RHEL 8 to 9 and the install was already configured for DES
Log in cacti log advising support has been removed

[TheWitness]

It seems in Rocky9, DES is still enabled

man snmpd.conf
<snip>

   SNMPv3 USM Users
       To  use the USM based SNMPv3-specific users, you'll need to create them.  It is recommended you use the net-snmp-config command to do this, but you can also do it by directly specify‐
       ing createUser directives yourself instead:

       createUser [-e ENGINEID] username (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224) authpassphrase [DES|AES] [privpassphrase]

              MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224 are the authentication types to use.  DES and AES are the privacy protocols to use.  If the privacy passphrase is not specified,  it  is
              assumed  to  be  the  same as the authentication passphrase.  Note that the users created will be useless unless they are also added to the VACM access control tables described
              above.

              SHA|SHA-512|SHA-384|SHA-256|SHA-224 authentication and DES/AES privacy require OpenSSL to be installed and the agent to be built with OpenSSL support.  MD5  authentication  may
              be used without OpenSSL.

              Warning: the minimum pass phrase length is 8 characters.
<snip>

[TheWitness]

I think they brought it back for backward compatibility for polling old devices. It was gone for a time.

[bmfmancini]

I think net-snmp still has the option there however openssl removed the support unless you add some back ports to allow the unsupported algos

[TheWitness]

We recommend to no use php-snmp. So, I think this is closable. Hopefully at some point, I can get back to helping the PHP team improve php-snmp support.