[asterisk-commits] tilghman: trunk r113400 - in /trunk: ./ contrib/scripts/astgenkey.8
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue Apr 8 11:54:21 CDT 2008
Author: tilghman
Date: Tue Apr 8 11:54:21 2008
New Revision: 113400
URL: http://svn.digium.com/view/asterisk?view=rev&rev=113400
Log:
Merged revisions 113399 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines
Add security note on astgenkey's manpage.
(closes issue #12373)
Reported by: lmamane
Patches:
20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)
........
Modified:
trunk/ (props changed)
trunk/contrib/scripts/astgenkey.8
Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-1.4-merged' - no diff available.
Modified: trunk/contrib/scripts/astgenkey.8
URL: http://svn.digium.com/view/asterisk/trunk/contrib/scripts/astgenkey.8?view=diff&rev=113400&r1=113399&r2=113400
==============================================================================
--- trunk/contrib/scripts/astgenkey.8 (original)
+++ trunk/contrib/scripts/astgenkey.8 Tue Apr 8 11:54:21 2008
@@ -109,6 +109,21 @@
Don't encrypt the private key.
.RE
+.SH SECURITY
+The keys are created, using the umask of the user running the command.
+To create the keys in a secure manner, you should check to ensure that
+your umask is first set to disallow the private key from being world-
+readable, such as with the following commands:
+
+.I umask 0066
+
+.I astgenkey yourkey
+
+And then make the key accessible to Asterisk (assuming you run it as
+user "asterisk").
+
+ chown asterisk /var/lib/asterisk/keys/yourname.*
+
.SH FILES
.I /var/lib/asterisk/keys
.RS
More information about the asterisk-commits
mailing list