[asterisk-users] Hide the plain text password
Richard Kenner
kenner at gnat.com
Tue Feb 15 06:52:26 CST 2011
> How does that improve things? The reason that works with Cisco routers
> is because the code that reads that special key file and uses it to
> decrypt the other files is closed-source; nobody can see how it works.
>
> As another poster said, that's not true for Asterisk. If Asterisk had
> such a facility, the method used to decrypt the protected passwords
> would be publicly available, as would the decryption key (in the special
> key file). Anyone who wanted to decrypt the passwords from the config
> files would have an only slightly more complex route to do so... it
> would still be straightforward.
Please reread what I wrote. The encryption key for the passwords
wouldn't be in Asterisk sources, but selected BY THE USER and stored
in a SINGLE configuration file that contains just that password. This
is what Cisco does.
That way, the rest of the config files, which you might want to put in
a CM system, need not be protected.
More information about the asterisk-users
mailing list