Home Forums HAast (High Availability for Asterisk) Configuration & Optimization Encryption of config file passwords

Tagged: , , ,

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • Avatar photoCustomer Inquiry
    Member
    August 31, 2021 at 2:41 pm
    Post count: 197
    #16545

    I use the same password across numerous devices (let’s say it’s “MyObviousPassword”). If someone gets access to my PBX they will find my password in the HAAst config file, and then they will be able to break into everything I own.

    Can this password by encrypted in a separate file or something?

    Avatar photoTelium Support Group
    Member
    August 31, 2021 at 2:45 pm
    Post count: 258
    #16546

    There are a couple of ways to address your problem.

    First, you can limit access to the HAAst config files (or even entire /etc/xdg/telium directory) so that only the root user can read them. Using the chmod command will allow you to set these files to readonly (r – -) for root:

    chmod 400 haast.conf

    Second, you can also encrypt the password before placing it into the config file. For example, using md5sum we can generate a hash of your obvious password:

    [root@qa14 dev]# echo "MyObviousPassword" | md5sum
7f1e7328e9c668dbc73485eecd91b7ba  -

    Then you would use 7f1e7328e9c668dbc73485eecd91b7ba as your password entered into the haast.conf file on both nodes.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.