[Asterisk-Dev] iax2 RSA authentication
James Golovich
james at wwnet.net
Mon Mar 15 09:48:21 MST 2004
On Mon, 15 Mar 2004, Olle E. Johansson wrote:
> I tried to document the RSA public/private key authentication of IAX2 channels
> on the wiki. Please read through and correct me if I'm wrong, thank you.
>
> http://www.voip-info.org/tiki-index.php?page=Asterisk%20iax%20rsa%20auth
>
> I feel that the RSA auth within IAX2 is a strong selling point. However, to
> be used it needs to be explained...
>
> * On the wiki page I propose a small change to astgenkey to disable pass phrases. T
> he password input routine doesn't work well with automatic restarts of Asterisk.
> Even though not using a passphrase for the key is a security risk, I don't want
> asterisk to wait for keyboard input after a power failure.
You can just drop the -3des from the openssl command line to get it to not
require a pass phrase. There should probably be an option to astgenkey,
but it should not be the default.
I don't put pass phrases on my keys I use with IAX anymore
James
More information about the asterisk-dev
mailing list