[asterisk-commits] tilghman: trunk r113400 - in /trunk: ./ contrib/scripts/astgenkey.8

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue Apr 8 11:54:21 CDT 2008


Author: tilghman
Date: Tue Apr  8 11:54:21 2008
New Revision: 113400

URL: http://svn.digium.com/view/asterisk?view=rev&rev=113400
Log:
Merged revisions 113399 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue #12373)
 Reported by: lmamane
 Patches: 
       20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

........

Modified:
    trunk/   (props changed)
    trunk/contrib/scripts/astgenkey.8

Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-1.4-merged' - no diff available.

Modified: trunk/contrib/scripts/astgenkey.8
URL: http://svn.digium.com/view/asterisk/trunk/contrib/scripts/astgenkey.8?view=diff&rev=113400&r1=113399&r2=113400
==============================================================================
--- trunk/contrib/scripts/astgenkey.8 (original)
+++ trunk/contrib/scripts/astgenkey.8 Tue Apr  8 11:54:21 2008
@@ -109,6 +109,21 @@
 Don't encrypt the private key.
 .RE
 
+.SH SECURITY
+The keys are created, using the umask of the user running the command.
+To create the keys in a secure manner, you should check to ensure that
+your umask is first set to disallow the private key from being world-
+readable, such as with the following commands:
+
+.I umask 0066
+
+.I astgenkey yourkey
+
+And then make the key accessible to Asterisk (assuming you run it as
+user "asterisk").
+
+  chown asterisk /var/lib/asterisk/keys/yourname.*
+
 .SH FILES
 .I /var/lib/asterisk/keys
 .RS




More information about the asterisk-commits mailing list