> How does that improve things? The reason that works with Cisco routers > is because the code that reads that special key file and uses it to > decrypt the other files is closed-source; nobody can see how it works. > > As another poster said, that's not true for Asterisk. If Asterisk had > such a facility, the method used to decrypt the protected passwords > would be publicly available, as would the decryption key (in the special > key file). Anyone who wanted to decrypt the passwords from the config > files would have an only slightly more complex route to do so... it > would still be straightforward.
Please reread what I wrote. The encryption key for the passwords wouldn't be in Asterisk sources, but selected BY THE USER and stored in a SINGLE configuration file that contains just that password. This is what Cisco does. That way, the rest of the config files, which you might want to put in a CM system, need not be protected. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
