[Asterisk-Users] no plain text passwords in iax.conf
Karl Brose
khb at brose.com
Mon Nov 29 19:22:42 MST 2004
Interesting question and important as passwords are scattered around
everywhere in Asterisk.
A central user credentials database is needed, so that a user can
connect any which way (SIP,
H323,IAX, MGCP,etc) and use the same set of credentials.
I have a prototype implementation coded for SIP, but it will take more
time (unless there is
some real $$$ incentive, any commercial providers willing to do
something here?).
In addition to central management, these credentials must not get copied
around in memory
as they are currently, there are some real infrastructure changes needed
in the channels, which
would enhance security as well as performance.
Other than that, one could probably encrypt/decrypt passwords when
needed, particularly when
they come out of a database, most of these solutions are probably more
or less hacks.
Bastian Schern wrote:
> Hello Asterisk friends,
>
> is it possible to avoid plain text passwords in the iax.conf or the
> iaxfriends MySQL database table?
>
> Regards
> Bastian
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
More information about the asterisk-users
mailing list