> Anyway, the answer is: No, it's mathematically impossible to do > that. Even if the passwords were stored encrypted, Asterisk itself > has to be able to get the plaintext passwords to send to the remote > server; so the code to decrypt them must necessarily be located on > the machine. And the Source Code to Asterisk is readily available, > which is how come you were able to benefit from it, so it would be > trivial to extract the passwords in any case.
But there IS a way to improve things, and it's what Cisco routers do. You can have all password stored in config file encrypted with a single master key. That key is stored in a special file, containing just that key. THAT file must then be heavily-protected, but all OTHER config files can now be placed into CM or anywhere else they might be needed. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users