ASTGENKEY
Section: Linux Programmer's Manual (8)
Updated: May 14th, 2005
Page Index
NAME
astgenkey - generates keys for for Asterisk IAX2 RSA authentication
SYNOPSIS
astgenkey
[ -q ] [ -n ] [ keyname ]
DESCRIPTION
astgenkey
This script generates an RSA private and public key pair in PEM format
for use by Asterisk. The private key should be kept a secret, as it can
be used to fake your system's identity. Thus by default (without the
option
-n
) the script will create a passphrase-encrypted copy of your secret key:
without entering the passphrase you won't be able to use it.
However if you want to use such a key with Asterisk, you'll have to start
it interactively, because the scripts that start asterisk can't use that
encrypted key.
The key is identified by a name. If you don't write the name on the
command-line you'll be prompted for one. The outputs of the script are:
name.pub
-
The public key: not secret. Send this to the other side.
name.key
-
The private key: secret.
Those files should be copied to
/var/lib/asterisk/keys
(The private key: on your system. The public key: on other systems)
To see the currently-installed keys from the asterisk CLI, use the command
-
keys show
OPTIONS
-q
-
Run quietly.
-n
-
Don't encrypt the private key.
SECURITY
The keys are created, using the umask of the user running the command.
To create the keys in a secure manner, you should check to ensure that
your umask is first set to disallow the private key from being world-
readable, such as with the following commands:
umask 0066
astgenkey yourkey
And then make the key accessible to Asterisk (assuming you run it as
user "asterisk").
chown asterisk /var/lib/asterisk/keys/yourname.*
FILES
/var/lib/asterisk/keys
-
SEE ALSO
asterisk(8),
genrsa(1),
rsa(1),
http://www.voip-info.org/wiki-Asterisk+iax+rsa+auth
AUTHOR
This manual page was written by Tzafrir Cohen <
tzafrir.cohen@xorcom.com>
Permission is granted to copy, distribute and/or modify this document under
the terms of the GNU General Public License, Version 2 any
later version published by the Free Software Foundation.
On Debian systems, the complete text of the GNU General Public
License can be found in /usr/share/common-licenses/GPL-2.