astgenkey(8) - Linux man page
Name astgenkey - generates keys for for Asterisk IAX2 RSA authentication
Synopsis
astgenkey [ -q ] [ -n ] [ keyname ]
Description
However if you want to use such a key with Asterisk, you'll have to start it interactively, because the scripts that start asterisk can't use that encrypted key.
The key is identified by a name. If you don't write the name on the command-line you'll be prompted for one. The outputs of the script are:
name.pub
The public key: not secret. Send this to the other side.
name.key
The private key: secret.
Those files should be copied to /usr/share/asterisk/keys
(The private key: on your system. The public key: on other systems)
To see the currently-installed keys from the asterisk CLI, use the command
show keys
Options
-qRun quietly.
-n
Don't encrypt the private key.
Security
The keys are created, using the umask of the user running the command. To create the keys in a secure manner, you should check to ensure that your umask is first set to disallow the private key from being world- readable, such as with the following commands:umask 0066
astgenkey yourkey
And then make the key accessible to Asterisk (assuming you run it as user "asterisk").
chown asterisk /usr/share/asterisk/keys/yourname.*
Files
/usr/share/asterisk/keysSee Also
asterisk(8), genrsa(1), rsa(1),http://www.voip-info.org/wiki-Asterisk+iax+rsa+auth
Author
This manual page was written by Tzafrir Cohen <tzafrir.cohen@xorcom.com> Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation.On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-2.