Hey there!
I was wondering what the best practice is concerning passwords in Asterisk's config files. ari.conf has a neat feature where one can use a pre-encrypted password by using password_format=crypt for an ARI user However, I was wondering how to do similar things with e.g. database credentials when using realtime. Right now I am using a plain-text password in res_odbc.conf to get the database connection working. So the only protection here is restricting file permissions of the config file. Two questions that arise from this: Is there any other way to do this that I am missing? If no, would it be a desirable to implement pre-encrypted passwords for other config files in the same way as it is done in ari.conf? With best regards Florian Floimair Innovation - Software-Development COMMEND INTERNATIONAL GMBH A-5020 Salzburg, Saalachstraße 51 http://www.commend.com <http://www.commend.com/> Security and Communication by Commend FN 178618z | LG Salzburg -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
