[asterisk-users] Asterisk encrypted authentication for clients
Jeff LaCoursiere
jeff at jeff.net
Fri Oct 30 09:37:50 CDT 2015
On 10/29/2015 04:01 PM, Motty wrote:
>
>
> On 10/29/2015 01:11 PM, Jeff LaCoursiere wrote:
>> On 10/28/2015 06:37 PM, Pete Mundy wrote:
>>> Hi Motty,
>>>
>>> Isn't the whole point of the nonce in a SIP registration to ensure
>>> the secret doesn't go on the wire in plain-text? Is this not enough,
>>> or are you looking to hide the username too?
>>>
>>> (if so, fair 'nuf, just wondering why :)
>>>
>>> Pete
>>>
>>> Ps, if so then I think TLS is the missing part of your equation.
>>>
>>> On 29/10/2015, at 11:54 AM, Motty <motty.cruz at gmail.com> wrote:
>>>
>>>> Hello,
>>>> I am searching for a solution to encrypt authentication from
>>>> Asterisk server to clients. Searching srtp seem to encrypt traffic,
>>>> I just want client authentication with encryption. Can someone
>>>> point to the right direction? has anybody used ZRTP? experience
>>>> with ZRTP?
>>>>
>>>> Thanks,
>>>> _motty
>>>
>>>
>>
>> You want SIP over TLS. That encrypts the signalling. SRTP and ZRTP
>> encrypt the actual voice traffic.
>>
>> Cheers,
>>
>> j
>>
>>
>
>
> Thanks Jeff,
> I don't want SIP over TLS. I would like to encrypt password only, I
> suppose over TLS.
>
> Thanks,
> _motty
The password isn't sent - SIP auth involves a challenge/response with
hashing (digest authentication). If that's all you are interested in,
you are already there.
Cheers,
j
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151030/5bcb4142/attachment.html>
More information about the asterisk-users
mailing list