1ASTGENKEY(8)               Linux Programmer's Manual              ASTGENKEY(8)
2
3
4

NAME

6       astgenkey - generates keys for for Asterisk IAX2 RSA authentication
7

SYNOPSIS

9       astgenkey [ -q ] [ -n ] [ keyname ]
10
11

DESCRIPTION

13       astgenkey  This  script generates an RSA private and public key pair in
14       PEM format for use by Asterisk.  The  private  key  should  be  kept  a
15       secret,  as  it  can  be  used to fake your system's identity.  Thus by
16       default (without the option -n ) the script will create  a  passphrase-
17       encrypted  copy of your secret key: without entering the passphrase you
18       won't be able to use it.
19
20       However if you want to use such a key with  Asterisk,  you'll  have  to
21       start  it  interactively, because the scripts that start asterisk can't
22       use that encrypted key.
23
24       The key is identified by a name. If you don't write  the  name  on  the
25       command-line you'll be prompted for one. The outputs of the script are:
26
27       name.pub
28              The public key: not secret. Send this to the other side.
29
30       name.key
31              The private key: secret.
32
33       Those files should be copied to /var/lib/asterisk/keys
34
35       (The private key: on your system. The public key: on other systems)
36
37       To see the currently-installed keys from the asterisk CLI, use the com‐
38       mand
39
40              keys show
41
42

OPTIONS

44       -q
45              Run quietly.
46
47       -n
48              Don't encrypt the private key.
49
50

SECURITY

52       The keys are created, using the umask of the user running the  command.
53       To  create the keys in a secure manner, you should check to ensure that
54       your umask is first set to disallow the private key from  being  world-
55       readable, such as with the following commands:
56
57       umask 0066
58
59       astgenkey yourkey
60
61       And  then  make  the key accessible to Asterisk (assuming you run it as
62       user "asterisk").
63
64         chown asterisk /var/lib/asterisk/keys/yourname.*
65
66

FILES

68       /var/lib/asterisk/keys
69
70

SEE ALSO

72       asterisk(8), genrsa(1), rsa(1),
73
74       http://www.voip-info.org/wiki-Asterisk+iax+rsa+auth
75
76

AUTHOR

78       This manual page  was  written  by  Tzafrir  Cohen  <tzafrir.cohen@xor‐
79       com.com>  Permission  is granted to copy, distribute and/or modify this
80       document under the terms of the GNU General Public License,  Version  2
81       any later version published by the Free Software Foundation.
82
83       On  Debian systems, the complete text of the GNU General Public License
84       can be found in /usr/share/common-licenses/GPL-2.
85
86
87
88Asterisk                        May 14th, 2005                    ASTGENKEY(8)
Impressum