Re: [Asterisk-Users] chan_sip + MD5 encryption: WARNING Format for authentication entry is user[:secret]@realm

kleis-asterisk-dev at tiscali.it kleis-asterisk-dev at tiscali.it
Sat Jun 4 15:12:28 MST 2005


>-- Messaggio Originale --
>Date: Sat, 04 Jun 2005 16:16:04 +0200
>From: "Olle E. Johansson" <oej at edvina.net>
>To: Asterisk Users Mailing List - Non-Commercial Discussion <asterisk-users at lists.digium.com>
>Subject: Re: [Asterisk-Users] chan_sip + MD5 encryption: WARNING Format
for
>	authentication entry is user[:secret]@realm
>Reply-To: Asterisk Users Mailing List - Non-Commercial Discussion <asterisk-users at lists.digium.com>
>
>
>Plaintext passwords is *not* used in SIP at all, so auth= is used for
>realm based authentication. Please check the sip.conf.sample in CVS head
>distribution and remove the auth= option.
>
>/Olle


Thanks Olle!

Sorry, there are some confusing posts on this list that show the (incorrect)
use of auth=md5 for SIP.

Now, if I'm not mistaken, md5secret=hashed_passwd would be used not to store
passwords in clear text in the sip.info/db, then. Is it right?
However, what do you mean with "Plaintext passwords is *not* used in SIP
at all"? Does it mean that passwords are never sent as clear text over the
Internet? Are passwords somehow encrypted, then? I've just downloaded RFC
3261 to have a deeper look at SIP, but in the meanwhile could you give me
a quick explanation concernig this issue, please? (Yes, I know... I've lot
to learn! :) )

TIA,

Alex

__________________________________________________________________
TISCALI ADSL 1.25 MEGA a soli 19.95 euro/mese
Solo con Tiscali Adsl navighi senza limiti di tempo
a meno di 20 euro al mese e in piu' telefoni senza
pagare il canone Telecom. Scopri come
http://abbonati.tiscali.it/adsl/sa/1e25flat_tc/






More information about the asterisk-users mailing list