File: astgenkey.8

package info (click to toggle)
asterisk 1:1.6.2.9-2+squeeze12
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 67,296 kB
  • ctags: 65,026
  • sloc: ansic: 327,660; sh: 11,153; cpp: 5,940; perl: 3,078; makefile: 2,594; yacc: 2,140; asm: 642; xml: 309; sql: 290; tcl: 113; php: 62
file content (143 lines) | stat: -rw-r--r-- 3,234 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
.\" $Header$
.\"
.\"	transcript compatibility for postscript use.
.\"
.\"	synopsis:  .P! <file.ps>
.\"
.de P!
.fl
\!!1 setgray
.fl
\\&.\"
.fl
\!!0 setgray
.fl			\" force out current output buffer
\!!save /psv exch def currentpoint translate 0 0 moveto
\!!/showpage{}def
.fl			\" prolog
.sy sed \-e 's/^/!/' \\$1\" bring in postscript file
\!!psv restore
.
.de pF
.ie     \\*(f1 .ds f1 \\n(.f
.el .ie \\*(f2 .ds f2 \\n(.f
.el .ie \\*(f3 .ds f3 \\n(.f
.el .ie \\*(f4 .ds f4 \\n(.f
.el .tm ? font overflow
.ft \\$1
..
.de fP
.ie     !\\*(f4 \{\
.	ft \\*(f4
.	ds f4\"
'	br \}
.el .ie !\\*(f3 \{\
.	ft \\*(f3
.	ds f3\"
'	br \}
.el .ie !\\*(f2 \{\
.	ft \\*(f2
.	ds f2\"
'	br \}
.el .ie !\\*(f1 \{\
.	ft \\*(f1
.	ds f1\"
'	br \}
.el .tm ? font underflow
..
.ds f1\"
.ds f2\"
.ds f3\"
.ds f4\"
'\" t 
.ta 8n 16n 24n 32n 40n 48n 56n 64n 72n  
.TH ASTGENKEY 8 "May 14th, 2005" "Asterisk" "Linux Programmer's Manual"
.SH NAME
.B astgenkey \- generates keys for for Asterisk IAX2 RSA authentication
.SH SYNOPSIS
.PP 
.B astgenkey
[ \-q ] [ \-n ] [ \fIkeyname\fP ]

.SH DESCRIPTION
.B astgenkey 
This script generates an RSA private and public key pair in PEM format 
for use by Asterisk.  The private key should be kept a secret, as it can 
be used to fake your system's identity.  Thus by default (without the 
option 
.I \-n
) the script will create a passphrase-encrypted copy of your secret key: 
without entering the passphrase you won't be able to use it. 

However if you want to use such a key with Asterisk, you'll have to start 
it interactively, because the scripts that start asterisk can't use that
encrypted key.

The key is identified by a name. If you don't write the name on the 
command-line you'll be prompted for one. The outputs of the script are:

.I name\fB.pub
.RS
The public key: not secret. Send this to the other side.
.RE

.I name\fB.key
.RS
The private key: secret.
.RE

Those files should be copied to 
.I /var/lib/asterisk/keys

(The private key: on your system. The public key: on other systems)

To see the currently-installed keys from the asterisk CLI, use the command

.RS
show keys
.RE

.SH OPTIONS
.B \-q
.RS
Run quietly.
.RE

.B \-n
.RS
Don't encrypt the private key.
.RE

.SH SECURITY
The keys are created, using the umask of the user running the command.
To create the keys in a secure manner, you should check to ensure that
your umask is first set to disallow the private key from being world-
readable, such as with the following commands:

.I umask 0066

.I astgenkey yourkey

And then make the key accessible to Asterisk (assuming you run it as
user "asterisk").

  chown asterisk /var/lib/asterisk/keys/yourname.*

.SH FILES
.I /var/lib/asterisk/keys
.RS
.RE

.SH "SEE ALSO" 
asterisk(8), genrsa(1), rsa(1), 

http://www.voip\-info.org/wiki\-Asterisk+iax+rsa+auth

.SH "AUTHOR" 
This manual page was written by Tzafrir Cohen <tzafrir.cohen@xorcom.com> 
Permission is granted to copy, distribute and/or modify this document under 
the terms of the GNU General Public License, Version 2 any  
later version published by the Free Software Foundation. 

On Debian systems, the complete text of the GNU General Public 
License can be found in /usr/share/common\-licenses/GPL\-2.