José Pablo Méndez Soto
2014-Jan-22  05:08 UTC
[asterisk-users] Register => plain text password
Hello,

Is there any way to encrypt or scramble a bit the secret used to register with a provider? I'm talking about the

register => fromuser at fromdomain:secret at host

directive in sip.conf <http://www.voip-info.org/wiki/view/Asterisk+config+sip.conf>

This clever dude modified the code back in 1.4: http://www.oneharding.com/voip/asterisk_md5_register.html

I imagine that so many years later, and now with the implementation of pjsip, this secret could be better protected? It is very unsafe to keep the account's password right out there. Any ideas?

*José Pablo Méndez*
On Wednesday 22 January 2014, José Pablo Méndez Soto wrote:
> Hello,
>
> Is there any way to encrypt or scramble a bit the secret used to register
> with a provider? I'm talking about the
>
> register => fromuser at fromdomain:secret at host
>
> directive in
> sip.conf <http://www.voip-info.org/wiki/view/Asterisk+config+sip.conf>

No. Well. You *could* scramble it for storage; but that would only lull you into a false sense of security, because ultimately it would have to be able to be unscrambled by a program that was already right there on the machine, somewhere under /usr/src/ where any competent programmer can look at it.

The client *has* to know the password in plaintext (or at least, how to decrypt the stored, encrypted password), in order to be able to send it to the server.

The way things stand, the configuration file with the password in it need only be readable by the root user. And you know it has a password in it, so you take care with it.

Here is an explanation from the developers of the Pidgin IM client, as to why they store passwords in plaintext in their configuration file: https://developer.pidgin.im/wiki/PlainTextPasswords

> This clever dude modified the code back in 1.4:
>
> http://www.oneharding.com/voip/asterisk_md5_register.html

Unfortunately, that doesn't work. It just elevates a stolen hash to the same level of usefulness as a stolen password (and she even says so much, in the linked article).

> I imagine that so many years later, and now with the implementation of
> pjsip this secret could be better protected?

No, because the underlying problem -- that decrypting a stored password also requires the decryption key; but if the decryption key and encrypted password are stored on the same machine, then anyone with access to the machine is able to decrypt the password -- is a limitation of the universe, *not* a limitation of present-day technology.

There is simply nothing that anybody could invent that would get around this.

> It is very unsafe to keep the
> accounts password right out there. Any ideas?

It's hidden behind another password, and that's about as secure as it's mathematically possible ever to make it. And if someone else has root access to your machine, then I humbly suggest that a SIP password might not be the driest lentil you have to soak.

-- 
AJS
Answers come *after* questions.
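The point about a stored hash being exactly as useful as the stored password can be shown with the Digest authentication that SIP REGISTER uses (RFC 2617 style). The password enters the exchange only through HA1 = MD5(username:realm:password); every later step works from HA1 alone, so a client that keeps HA1 in its config instead of the secret is handing a thief the same credential. The following is an added illustration, not code from either poster, from Asterisk or from the linked article; the username, realm, password, nonce and cnonce are constructed values.

```python
import hashlib
import secrets
from typing import Dict, Optional

# Constructed example credentials and challenge; none of this is from the thread.
USERNAME = "1000"
REALM = "sip.example.com"
PASSWORD = "s3cret-Pa55"

CHALLENGE: Dict[str, str] = {
    "method": "REGISTER",
    "uri": "sip:sip.example.com",
    "nonce": "5d8f0c2e1a9b4c7f",     # constructed server nonce
    "qop": "auth",
    "nc": "00000001",
    "cnonce": "0a1b2c3d",            # constructed client nonce
}


def md5_hex(data: str) -> str:
    """MD5 over the UTF-8 bytes of data, as lowercase hex (Digest's H() function)."""
    return hashlib.md5(data.encode("utf-8")).hexdigest()


def compute_ha1(username: str, realm: str, password: str) -> str:
    """HA1 = MD5(username:realm:password). This is the only place the password is used."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1: str, method: str, uri: str, nonce: str,
                    qop: Optional[str] = None, nc: Optional[str] = None,
                    cnonce: Optional[str] = None) -> str:
    """Digest 'response' value computed from HA1 and the challenge; no password needed."""
    ha2 = md5_hex(f"{method}:{uri}")
    if qop is None:
        return md5_hex(f"{ha1}:{nonce}:{ha2}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def _respond(ha1: str, challenge: Dict[str, str]) -> str:
    return digest_response(ha1, challenge["method"], challenge["uri"],
                           challenge["nonce"], challenge.get("qop"),
                           challenge.get("nc"), challenge.get("cnonce"))


def client_with_password(password: str, challenge: Dict[str, str]) -> str:
    """A client that stores the plaintext secret (the normal sip.conf register line)."""
    return _respond(compute_ha1(USERNAME, REALM, password), challenge)


def client_with_stored_hash(ha1: str, challenge: Dict[str, str]) -> str:
    """A client that stores only HA1, as the 'md5 register' idea proposes.
    It never sees the password, yet produces an identical, valid response."""
    return _respond(ha1, challenge)


def server_verifies(expected_ha1: str, challenge: Dict[str, str], response: str) -> bool:
    """The provider side: recompute from its own copy of HA1 and compare in constant time."""
    return secrets.compare_digest(_respond(expected_ha1, challenge), response)


if __name__ == "__main__":
    ha1 = compute_ha1(USERNAME, REALM, PASSWORD)
    from_password = client_with_password(PASSWORD, CHALLENGE)
    from_hash = client_with_stored_hash(ha1, CHALLENGE)
    print("same response from hash as from password:", from_password == from_hash)
    print("provider accepts the hash-only client:", server_verifies(ha1, CHALLENGE, from_hash))
```

The useful check is the last one: a stolen HA1 registers with the provider just as well as the stolen password would, which is why swapping the secret for its hash only changes what the attacker copies out of the file, not what they can do with it. The hash does keep the raw password string itself out of the file, so it is worth less on a provider that lets you reuse that password elsewhere, but for the SIP account in question it is equivalent.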