Bastian Schern wrote:
Adam Hart schrieb:
Bastian Schern wrote:
Hello Asterisk friends,
is it possible to avoid plain text passwords in the iax.conf or the iaxfriends MySQL database table?
Asterisk needs the plain text password to authenicate. You could wrap a base64 decode when reading the passwords, but this is obsecurity, yet simple to implement & should prevent the casual browser. I guess a more secure method would public key crypto and give asterisk the key at runtime (obviously not 100% secure either)
I found out that MySQL offers some methods to store strong passwords: http://www.voip-info.org/wiki-Asterisk+sip+mysql+peers
But how I use this with Asterisk?
That's using private key crypto, when you store the password you do aes_encode(password,"somekey") then when asterisk reads it, do a aes_decode(password,"somekey") - modify chan_iax2 when you do the select - change the SQL statement: the column 'secret' to 'aes_decode(secret,"somekey") as real_secret' then below change secret to real_secret.
good luck,
Adam _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
