[Asterisk-Users] SIP and MD5 logins.

andrewg at felinemenace.org andrewg at felinemenace.org
Mon Aug 25 18:51:41 MST 2003


On Tue, Aug 26, 2003 at 11:45:45AM +1000, Deon George wrote:
> G'day,
> 
> I've just downloaded asterisk and having a play with it - its great, good 
> work gang!
> 
> I have a question - I've been playing with X-lite talking with asterisk, 
> and it appears to work really well. I now want to get the X-lite clients 
> to login using an MD5 password (so that it isnt cleartext in the 
> configuration files).
> 
> I took my password out of /etc/shadow and used it in the "secret=" part of 
> sip.conf and also set auth=md5 - but the xlite client wont login. When I 
> change it back to secret=secret, it does log in.
> 
> Am I doing something wrong?
> 

Well, from memory, yes. You still need the passwords in the file as plaintext,
its just that it uses an MD5 challenge response, so the password doesn't 
travel over the network in plain text. 

Also, for references sake, the /etc/shadow md5 is different from the standard
md5 thing, because the /etc/shadow method provides salting the md5 of the 
password. When you login to a unix system, most of the time the password is 
transmitted to the remote system. (Bar stuff like ssh public key logins, etc)


> ...deon
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users



More information about the asterisk-users mailing list