On Tuesday 26 Apr 2011, bilal ghayyad wrote: > Hi All; > > I am using Asterisk 1.8, how I can protect my self from hackers in case > they was able to see my sip.conf file? I need the password to be encrypted, > how?
Short answer: You can't. Asterisk itself needs to be able to read the stored passwords. The Source Code to Asterisk is readily available. Therefore, anyone who can read sip.conf, even if it is encrypted, will necessarily be able to decrypt it. Slightly more helpful answer: Make sure that sip.conf can only be read by the root user; # chown root:root /etc/asterisk/sip.conf # chmod 600 /etc/asterisk/sip.conf This is about as safe as it gets. If somebody manages to get root access to your Asterisk box, then you're already shafted ..... -- AJS Answers come *after* questions. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
