[asterisk-users] Hide passwords in SIP.conf
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Sat Oct 20 00:21:31 CDT 2007
On Fri, Oct 19, 2007 at 11:15:35PM +0100, Alan Lord wrote:
> Frederico Madeira wrote:
> > Hi guys,
> >
> > There is other way instead plain text to define passwords in sip.conf ?
> > In register, peers and extensions ?
> >
> > Thanks.
> >
>
> Depending on how your asterisk server is setup to run, if you chmod
> /etc/asterisk as 750 and the files underneath as 640, then only the user
> and group owner can read (+ only owner user can write). Others will not
> even see the existence of the directory or files...
>
> My server runs as user asterisk and group asterisk.
But then again, someone with the permission to connect to the control
socket or to the manager interface (with the "command" write permission)
can also issue "sip show users", regardless of where you actually keep
the passwords.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-users
mailing list