[asterisk-users] Password to be ecrypted?

Paul Hayes paul at provu.co.uk
Wed May 4 10:55:09 CDT 2011


On 03/05/11 09:09, Robles Román, José Miguel wrote:
> Perhaps using one-way hash functions (http://en.wikipedia.org/wiki/Cryptographic_hash_function) like MD5 or SHA-x, even if you get the file with passwords and the code that checks them, it would be difficult to find a collision (a password that matches the hash). This is the way in which apache, for example, stores passwords (see htpasswd).
>
> In order to maintain compatibility, the configurarion could be
>
> [...}
> secret_sha2 = ...
>
> Regards,
> José Miguel

I thought this already existed:

http://www.voip-info.org/wiki/view/Asterisk+sip+md5secret

Although I have to admit, I've never tried using it.

cheers,
Paul.



More information about the asterisk-users mailing list